Sourcefire VRT Rules Update

Date: 2013-10-15

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2946.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:28219 <-> DISABLED <-> BLACKLIST DNS request for known malware domain emupojyto.de - kazy (blacklist.rules)
 * 1:28216 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BankerSpy variant connection (malware-cnc.rules)
 * 1:28232 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (browser-ie.rules)
 * 1:28239 <-> ENABLED <-> MALWARE-CNC WIN.Trojan.Tuxido outbound commincation attempt (malware-cnc.rules)
 * 1:28235 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page request (exploit-kit.rules)
 * 1:28224 <-> DISABLED <-> BLACKLIST DNS request for known malware domain uxocukahi.de - kazy (blacklist.rules)
 * 1:28222 <-> DISABLED <-> BLACKLIST DNS request for known malware domain okujytoce.de - kazy (blacklist.rules)
 * 1:28240 <-> ENABLED <-> OS-OTHER DLink DIR-100 User-Agent backdoor access attempt (os-other.rules)
 * 1:28220 <-> DISABLED <-> BLACKLIST DNS request for known malware domain iryseleba.de - kazy (blacklist.rules)
 * 1:28223 <-> DISABLED <-> BLACKLIST DNS request for known malware domain umyniloqa.de - kazy (blacklist.rules)
 * 1:28218 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ehaqagaxa.de - kazy (blacklist.rules)
 * 1:28226 <-> DISABLED <-> BLACKLIST DNS request for known malware domain yqaqysuxo.de - kazy (blacklist.rules)
 * 1:28229 <-> ENABLED <-> BLACKLIST DNS request for known malware domain top01.aaablog.biz (blacklist.rules)
 * 1:28230 <-> ENABLED <-> MALWARE-CNC Boot.Bootroot Variant data upload (malware-cnc.rules)
 * 1:28238 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kits malicious pdf download (exploit-kit.rules)
 * 1:28231 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (browser-ie.rules)
 * 1:28237 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit outbound pdf download attempt (exploit-kit.rules)
 * 1:28234 <-> ENABLED <-> MALWARE-CNC WIN.Trojan.Hdslogger outbound communication (malware-cnc.rules)
 * 1:28225 <-> DISABLED <-> BLACKLIST DNS request for known malware domain yjeqoxuce.de - kazy (blacklist.rules)
 * 1:28217 <-> DISABLED <-> BLACKLIST DNS request for known malware domain azureraca.de - kazy (blacklist.rules)
 * 1:28227 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28221 <-> DISABLED <-> BLACKLIST DNS request for known malware domain itejoxoto.de - kazy (blacklist.rules)
 * 1:28236 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:28228 <-> DISABLED <-> SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (server-webapp.rules)
 * 1:28233 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit payload download attempt (exploit-kit.rules)

Modified Rules:


 * 1:9798 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7601 <-> DISABLED <-> PUA-ADWARE Snoopware big brother v3.5.1 outbound connection - connect to keyserver (pua-adware.rules)
 * 1:27277 <-> DISABLED <-> FILE-IDENTIFY Trimble SketchUp file download request (file-identify.rules)
 * 1:28162 <-> DISABLED <-> FILE-OTHER Microsoft .NET XML digital signature denial of service attempt (file-other.rules)
 * 1:6379 <-> DISABLED <-> PUA-TOOLBARS Hijacker adbars runtime detection - search in toolbar (pua-toolbars.rules)
 * 1:6264 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - movie (pua-adware.rules)
 * 1:6350 <-> DISABLED <-> PUA-ADWARE Hijacker richfind auto search redirect detection (pua-adware.rules)
 * 1:28084 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant connection (malware-cnc.rules)
 * 1:27637 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Syhcmd variant connection (malware-cnc.rules)
 * 1:5980 <-> DISABLED <-> PUA-TOOLBARS Trackware anwb toolbar runtime detection - display advertisement (pua-toolbars.rules)
 * 1:7906 <-> DISABLED <-> BROWSER-PLUGINS CDO.KnowledgeSearchFolder ActiveX clsid access (browser-plugins.rules)
 * 1:26386 <-> DISABLED <-> SERVER-OTHER Polycom HDX authorization bypass attempt (server-other.rules)
 * 1:6191 <-> DISABLED <-> PUA-TOOLBARS Trackware onetoolbar runtime detection (pua-toolbars.rules)
 * 1:28075 <-> ENABLED <-> MALWARE-CNC Win.Trojan.gzfw connection (malware-cnc.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:7210 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:27941 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (server-other.rules)
 * 1:8066 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX clsid access (browser-plugins.rules)
 * 1:6351 <-> DISABLED <-> PUA-ADWARE Hijacker adblock update detection (pua-adware.rules)
 * 1:27193 <-> DISABLED <-> SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (server-other.rules)
 * 1:27646 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (server-other.rules)
 * 1:27194 <-> DISABLED <-> SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (server-other.rules)
 * 1:4982 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adodb.Stream ActiveX object access (browser-plugins.rules)
 * 1:8783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26553 <-> DISABLED <-> PUA-ADWARE Win.Adware.BProtector browser hijacker dll list download attempt (pua-adware.rules)
 * 1:7989 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WIA FileSystem USD ActiveX clsid access (browser-plugins.rules)
 * 1:6254 <-> DISABLED <-> PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - redirect (pua-toolbars.rules)
 * 1:26994 <-> DISABLED <-> BROWSER-PLUGINS Oracle Javadoc generated frame replacement attempt (browser-plugins.rules)
 * 1:28039 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .pw dns query (indicator-compromise.rules)
 * 1:7823 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - datachunksgz (pua-adware.rules)
 * 1:8797 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX function call access (browser-plugins.rules)
 * 1:26979 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:26764 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX clsid access (browser-plugins.rules)
 * 1:5968 <-> DISABLED <-> PUA-ADWARE trackware searchinweb detection - redirect (pua-adware.rules)
 * 1:27022 <-> ENABLED <-> MALWARE-CNC Trojan.Netweird.A outbound communication (malware-cnc.rules)
 * 1:8005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DiskManagement.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:3027 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx SACL overflow attempt (netbios.rules)
 * 1:27797 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules)
 * 1:7920 <-> DISABLED <-> BROWSER-PLUGINS DsPropertyPages.OU ActiveX clsid access (browser-plugins.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:26488 <-> ENABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules)
 * 1:6199 <-> DISABLED <-> PUA-ADWARE Hijacker smart search outbound connection - hijack/ads (pua-adware.rules)
 * 1:8397 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office List 11.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7589 <-> DISABLED <-> PUA-ADWARE Trickler urlblaze outbound connection - irc notification (pua-adware.rules)
 * 1:26795 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.ZertSecurity apk download (os-mobile.rules)
 * 1:6377 <-> DISABLED <-> PUA-TOOLBARS Hijacker girafa toolbar - browser hijack (pua-toolbars.rules)
 * 1:6241 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - ie autosearch hijack (pua-adware.rules)
 * 1:4226 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DocHost User Interface Handler ActiveX object access (browser-plugins.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:27161 <-> DISABLED <-> SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (server-webapp.rules)
 * 1:27196 <-> DISABLED <-> SERVER-WEBAPP OpenEngine filepool.php remote file include attempt (server-webapp.rules)
 * 1:26443 <-> DISABLED <-> OS-MOBILE Android MDK encrypted information leak (os-mobile.rules)
 * 1:27686 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:8071 <-> DISABLED <-> PUA-ADWARE Hijacker findthewebsiteyouneed outbound connection - search hijack (pua-adware.rules)
 * 1:27948 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:7535 <-> DISABLED <-> PUA-ADWARE Hijacker clearsearch variant outbound connection - pass information (pua-adware.rules)
 * 1:7138 <-> DISABLED <-> PUA-ADWARE Other-Technologies clicktrojan outbound connection - version check (pua-adware.rules)
 * 1:27841 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 MutationEvent use after free attempt (browser-ie.rules)
 * 1:8800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX function call access (browser-plugins.rules)
 * 1:27265 <-> ENABLED <-> FILE-FLASH Adobe SWF heap buffer overflow attempt (file-flash.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:28046 <-> DISABLED <-> OS-MOBILE Android fake iMessage app download (os-mobile.rules)
 * 1:6280 <-> DISABLED <-> PUA-ADWARE Hijacker sidefind outbound connection - cookie (pua-adware.rules)
 * 1:5959 <-> DISABLED <-> PUA-ADWARE Hijacker raxsearch detection - send search keywords to raxsearch (pua-adware.rules)
 * 1:26566 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:9643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF marker object parsing buffer overflow attempt (os-windows.rules)
 * 1:26491 <-> DISABLED <-> SERVER-OTHER Nagios NRPE command execution attempt (server-other.rules)
 * 1:27725 <-> DISABLED <-> OS-MOBILE Android SMSAgent.C outbound SMTP communication (os-mobile.rules)
 * 1:8792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26559 <-> DISABLED <-> OS-OTHER DLink IP camera remote command execution vulnerability - access to vulnerable rtpd.cgi (os-other.rules)
 * 1:3025 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (netbios.rules)
 * 1:8369 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7016 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Object.Microsoft.DXTFilter ActiveX function call access (browser-plugins.rules)
 * 1:8027 <-> DISABLED <-> BROWSER-PLUGINS Microsoft WBEM Event Subsystem ActiveX clsid access (browser-plugins.rules)
 * 1:5761 <-> DISABLED <-> PUA-ADWARE Trickler bearshare outbound connection - ads popup (pua-adware.rules)
 * 1:27664 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Castov variant connection (malware-cnc.rules)
 * 1:7876 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:26595 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript hex character extraction routine detected (indicator-obfuscation.rules)
 * 1:6004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Circular Auto Layout Logic 2 ActiveX object access (browser-plugins.rules)
 * 1:27798 <-> ENABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27623 <-> DISABLED <-> SERVER-OTHER Joomla media.php arbitrary file upload attempt (server-other.rules)
 * 1:5682 <-> DISABLED <-> NETBIOS SMB Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:3534 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - NETSCAPE2.0 (file-image.rules)
 * 1:4156 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player 7+ ActiveX object access (browser-plugins.rules)
 * 1:8037 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:26552 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:4236 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMI ASDI Extension ActiveX object access (browser-plugins.rules)
 * 1:8804 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8810 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26485 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:27819 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint denial of service attempt (server-other.rules)
 * 1:7900 <-> DISABLED <-> BROWSER-PLUGINS AOL.UPFCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:26393 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules)
 * 1:7878 <-> DISABLED <-> BROWSER-PLUGINS AxMetaStream.MetaStreamCtl ActiveX clsid access (browser-plugins.rules)
 * 1:6482 <-> DISABLED <-> PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - get info (pua-toolbars.rules)
 * 1:6494 <-> DISABLED <-> PUA-ADWARE Adware yourenhancement runtime detection (pua-adware.rules)
 * 1:26849 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer superscript use after free attempt (browser-ie.rules)
 * 1:4181 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Smartcard Enrollment ActiveX object access (browser-plugins.rules)
 * 1:8836 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call access (browser-plugins.rules)
 * 1:27744 <-> DISABLED <-> BROWSER-PLUGINS BaoFeng Storm ActiveX control OnBeforeVideoDownload method buffer overflow attempt (browser-plugins.rules)
 * 1:27103 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:6391 <-> DISABLED <-> PUA-ADWARE Adware esyndicate runtime detection - ads popup (pua-adware.rules)
 * 1:9651 <-> DISABLED <-> PUA-ADWARE Hijacker ricercadoppia outbound connection (pua-adware.rules)
 * 1:3159 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:7890 <-> DISABLED <-> BROWSER-PLUGINS AOL.MemExpWz ActiveX clsid access (browser-plugins.rules)
 * 1:26515 <-> DISABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules)
 * 1:27075 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (server-other.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:28024 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - seen in iframe injection (indicator-obfuscation.rules)
 * 1:7012 <-> DISABLED <-> BROWSER-PLUGINS Internet.PopupMenu.1 ActiveX function call access (browser-plugins.rules)
 * 1:26574 <-> DISABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:5694 <-> DISABLED <-> PUA-P2P Skype client setup get newest version attempt (pua-p2p.rules)
 * 1:8756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX clsid access (browser-plugins.rules)
 * 1:6686 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX clsid access (browser-plugins.rules)
 * 1:3026 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE SACL overflow attempt (netbios.rules)
 * 1:8795 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:28146 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Salgorea variant connection (malware-cnc.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:5939 <-> DISABLED <-> PUA-TOOLBARS Trackware supreme toolbar runtime detection - get cfg (pua-toolbars.rules)
 * 1:7852 <-> DISABLED <-> PUA-ADWARE Trickler maxsearch outbound connection - advertisement (pua-adware.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:28099 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (server-other.rules)
 * 1:27687 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:27671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:8765 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9642 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF codec list object parsing buffer overflow attempt (os-windows.rules)
 * 1:27090 <-> DISABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:8359 <-> DISABLED <-> PUA-ADWARE Hijacker yok supersearch outbound connection - target website display (pua-adware.rules)
 * 1:7190 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (pua-adware.rules)
 * 1:6374 <-> DISABLED <-> PUA-ADWARE Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (pua-adware.rules)
 * 1:7144 <-> DISABLED <-> PUA-ADWARE Hijacker cool search outbound connection (pua-adware.rules)
 * 1:8827 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:27119 <-> DISABLED <-> INDICATOR-OBFUSCATION multiple plugin version detection attempt (indicator-obfuscation.rules)
 * 1:27661 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Reabfrus variant connection (malware-cnc.rules)
 * 1:5943 <-> DISABLED <-> PUA-TOOLBARS Trackware supreme toolbar runtime detection - third party information collection (pua-toolbars.rules)
 * 1:26424 <-> DISABLED <-> FILE-IDENTIFY Metalink File file download request (file-identify.rules)
 * 1:4147 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveLabel ActiveX object access (browser-plugins.rules)
 * 1:5914 <-> DISABLED <-> PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - configuration download (pua-toolbars.rules)
 * 1:26709 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:27032 <-> DISABLED <-> OS-MOBILE Android Walkinwat / Wandt information leakage generic (os-mobile.rules)
 * 1:6344 <-> DISABLED <-> PUA-ADWARE Adware excite search bar runtime detection - config (pua-adware.rules)
 * 1:26800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:5974 <-> DISABLED <-> PUA-ADWARE hijacker smart finder detection - pop-up ads (pua-adware.rules)
 * 1:27816 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:8055 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.PathControl ActiveX function call access (browser-plugins.rules)
 * 1:27091 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Weavun variant outbound connection (malware-cnc.rules)
 * 1:8830 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call access (browser-plugins.rules)
 * 1:27114 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.xii variant outbound connection (malware-cnc.rules)
 * 1:26500 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:7571 <-> DISABLED <-> PUA-TOOLBARS Hijacker linkspider search bar runtime detection - toolbar search (pua-toolbars.rules)
 * 1:4153 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Eyedog ActiveX object access (browser-plugins.rules)
 * 1:9793 <-> DISABLED <-> BROWSER-PLUGINS YMMAPI.YMailAttach ActiveX clsid access (browser-plugins.rules)
 * 1:5981 <-> DISABLED <-> PUA-TOOLBARS Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (pua-toolbars.rules)
 * 1:27185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:26497 <-> DISABLED <-> BROWSER-PLUGINS Siemens SIMATIC WinCC RegReader ActiveX vulnerable function access attempt (browser-plugins.rules)
 * 1:26908 <-> DISABLED <-> SERVER-WEBAPP TWiki search function remote code execution attempt (server-webapp.rules)
 * 1:26716 <-> ENABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:27909 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:4146 <-> DISABLED <-> BROWSER-PLUGINS Share Point Portal Services Log Sink ActiveX object access (browser-plugins.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:3018 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE oversized Security Descriptor attempt (netbios.rules)
 * 1:27618 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6 usp10.dll Bengali font stack overrun attempt (browser-ie.rules)
 * 1:5883 <-> DISABLED <-> PUA-ADWARE Other-Technologies saria 1.0 outbound connection - send user information (pua-adware.rules)
 * 1:27527 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:6257 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - testgeonew query (pua-adware.rules)
 * 1:27029 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:8746 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX function call access (browser-plugins.rules)
 * 1:4223 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer OpenCable Class ActiveX object access (browser-plugins.rules)
 * 1:27278 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:26593 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:27919 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus encrypted POST Data exfiltration (malware-cnc.rules)
 * 1:6256 <-> DISABLED <-> PUA-ADWARE Adware searchsquire installtime/auto-update (pua-adware.rules)
 * 1:7203 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word information string overflow attempt (file-office.rules)
 * 1:4643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:2705 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products JPEG parser heap overflow attempt (file-image.rules)
 * 1:27260 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Java.Agent.NFK variant connection (malware-cnc.rules)
 * 1:7864 <-> DISABLED <-> BROWSER-PLUGINS McSubMgr ActiveX CLSID access (browser-plugins.rules)
 * 1:8019 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Address Bar ActiveX clsid access (browser-plugins.rules)
 * 1:28161 <-> DISABLED <-> FILE-OTHER Microsoft .NET XML digital signature denial of service attempt (file-other.rules)
 * 1:26946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Uptime RAT beacon (malware-cnc.rules)
 * 1:5747 <-> DISABLED <-> PUA-ADWARE Hijacker adultlinks outbound connection - log hits (pua-adware.rules)
 * 1:27736 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (indicator-obfuscation.rules)
 * 1:27529 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:26592 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit libxslt arbitrary file creation attempt (browser-webkit.rules)
 * 1:7566 <-> DISABLED <-> PUA-ADWARE Hijacker adshooter.searchforit outbound connection - redirector (pua-adware.rules)
 * 1:28132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:27681 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:27731 <-> DISABLED <-> INDICATOR-COMPROMISE request for potential web shell - /inback.jsp (indicator-compromise.rules)
 * 1:7918 <-> DISABLED <-> BROWSER-PLUGINS CoAxTrackVideo Class ActiveX clsid access (browser-plugins.rules)
 * 1:27872 <-> ENABLED <-> BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (browser-plugins.rules)
 * 1:27920 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (indicator-obfuscation.rules)
 * 1:8424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX function call access (browser-plugins.rules)
 * 1:5888 <-> DISABLED <-> PUA-ADWARE Hijacker shopnav outbound connection - ie auto search hijack (pua-adware.rules)
 * 1:27164 <-> DISABLED <-> SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (server-webapp.rules)
 * 1:26760 <-> DISABLED <-> OS-MOBILE Android Fakeinst device information leakage (os-mobile.rules)
 * 1:27836 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer AddOption use after free attempt (browser-ie.rules)
 * 1:4217 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Services on the Web Free/Busy ActiveX object access (browser-plugins.rules)
 * 1:27676 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28157 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java XML digital signature spoofing attempt (browser-plugins.rules)
 * 1:5825 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - start tuner (pua-adware.rules)
 * 1:8812 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX function call access (browser-plugins.rules)
 * 1:8770 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX function call access (browser-plugins.rules)
 * 1:5917 <-> DISABLED <-> PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - toolbar search (pua-toolbars.rules)
 * 1:9631 <-> DISABLED <-> BROWSER-PLUGINS Citrix.ICAClient ActiveX function call access (browser-plugins.rules)
 * 1:4141 <-> DISABLED <-> SERVER-OTHER tcpdump udp LDP print zero length message denial of service attempt (server-other.rules)
 * 1:27231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:7018 <-> DISABLED <-> BROWSER-PLUGINS Sysmon ActiveX function call access (browser-plugins.rules)
 * 1:3681 <-> DISABLED <-> PUA-P2P AOL Instant Messenger file receive attempt (pua-p2p.rules)
 * 1:8768 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7510 <-> DISABLED <-> PUA-ADWARE Trickler edonkey2000 outbound connection - version verification (pua-adware.rules)
 * 1:26418 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:5930 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - pop-up ad 2 (pua-adware.rules)
 * 1:3073 <-> DISABLED <-> PROTOCOL-IMAP SUBSCRIBE literal overflow attempt (protocol-imap.rules)
 * 1:8767 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX function call access (browser-plugins.rules)
 * 1:3144 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:26711 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:7888 <-> DISABLED <-> BROWSER-PLUGINS AOLFlash.AOLFlash ActiveX clsid access (browser-plugins.rules)
 * 1:27192 <-> DISABLED <-> SERVER-WEBAPP DM Albums album.php remote file include attempt (server-webapp.rules)
 * 1:8379 <-> DISABLED <-> BROWSER-PLUGINS Xml2Dex ActiveX clsid access (browser-plugins.rules)
 * 1:26664 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:7055 <-> DISABLED <-> PUA-ADWARE Hijacker vip01 biz outbound connection - adv (pua-adware.rules)
 * 1:26827 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Opfake device information disclosure attempt (os-mobile.rules)
 * 1:7581 <-> DISABLED <-> PUA-TOOLBARS Hijacker flashbar runtime detection - user-agent (pua-toolbars.rules)
 * 1:8419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call (browser-plugins.rules)
 * 1:7051 <-> DISABLED <-> PUA-ADWARE Trickler generic downloader.g outbound connection - spyware injection (pua-adware.rules)
 * 1:6222 <-> DISABLED <-> PUA-ADWARE Adware delfin media viewer runtime detection - contact server (pua-adware.rules)
 * 1:26628 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio SVG external entity local file disclosure attempt (file-office.rules)
 * 1:8418 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX function call access (browser-plugins.rules)
 * 1:26706 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:27097 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SMSSilence APK file download attempt (os-mobile.rules)
 * 1:4190 <-> DISABLED <-> BROWSER-PLUGINS Kodak Thumbnail Image ActiveX object access (browser-plugins.rules)
 * 1:3409 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (os-windows.rules)
 * 1:459 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 1 undefined code (protocol-icmp.rules)
 * 1:27094 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.FakeToken information disclosure attempt (os-mobile.rules)
 * 1:27638 <-> DISABLED <-> SERVER-WEBAPP Hedgehog-CMS Directory traversal attempt (server-webapp.rules)
 * 1:5746 <-> DISABLED <-> PUA-ADWARE Hijacker adultlinks outbound connection - load url (pua-adware.rules)
 * 1:5971 <-> DISABLED <-> PUA-ADWARE hijacker smart finder detection - track hits (pua-adware.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:27168 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:8749 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:4647 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript onload overflow attempt (browser-ie.rules)
 * 1:26499 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:9325 <-> DISABLED <-> SERVER-OTHER Citrix IMA DOS event data length denial of service attempt (server-other.rules)
 * 1:7569 <-> DISABLED <-> PUA-ADWARE Adware lordofsearch runtime detection (pua-adware.rules)
 * 1:7564 <-> DISABLED <-> PUA-ADWARE Hijacker startnow outbound connection (pua-adware.rules)
 * 1:8417 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX function call access (browser-plugins.rules)
 * 1:4232 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer SysTray Invoker ActiveX object access (browser-plugins.rules)
 * 1:4151 <-> DISABLED <-> BROWSER-PLUGINS System Monitor Source Properties ActiveX object access (browser-plugins.rules)
 * 1:27571 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:5975 <-> DISABLED <-> PUA-ADWARE hijacker topfive searchassistant detection - search request (pua-adware.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:28131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:6353 <-> DISABLED <-> PUA-ADWARE Hijacker adblock ie search assistant redirect detection (pua-adware.rules)
 * 1:26498 <-> DISABLED <-> BROWSER-PLUGINS Siemens SIMATIC WinCC RegReader ActiveX vulnerable function access attempt (browser-plugins.rules)
 * 1:27122 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8794 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX function call access (browser-plugins.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:28023 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - document - seen in IFRAMEr Tool attack (indicator-obfuscation.rules)
 * 1:7956 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX clsid access (browser-plugins.rules)
 * 1:3686 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content Advisor memory corruption attempt (browser-ie.rules)
 * 1:26421 <-> DISABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:6245 <-> DISABLED <-> PUA-ADWARE Hijacker coolwebsearch startpage outbound connection (pua-adware.rules)
 * 1:26928 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:6376 <-> DISABLED <-> PUA-TOOLBARS Hijacker girafa toolbar - toolbar update (pua-toolbars.rules)
 * 1:8762 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX clsid access (browser-plugins.rules)
 * 1:5762 <-> DISABLED <-> PUA-ADWARE Trickler bearshare outbound connection - p2p information request (pua-adware.rules)
 * 1:7123 <-> DISABLED <-> PUA-ADWARE Other-Technologies alfacleaner outbound connection - update (pua-adware.rules)
 * 1:27937 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (server-other.rules)
 * 1:3074 <-> DISABLED <-> PROTOCOL-IMAP SUBSCRIBE overflow attempt (protocol-imap.rules)
 * 1:4208 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefStEsObject Class ActiveX object access (browser-plugins.rules)
 * 1:27158 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Eliseantry variant outbound connection (malware-cnc.rules)
 * 1:27683 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:7576 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - hijack ie browser (pua-toolbars.rules)
 * 1:6009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDS.Dataspace ActiveX object access (browser-plugins.rules)
 * 1:7578 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - reference (pua-toolbars.rules)
 * 1:5925 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - check (pua-adware.rules)
 * 1:27281 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:4644 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:8407 <-> DISABLED <-> BROWSER-PLUGINS VisualExec Control ActiveX clsid access (browser-plugins.rules)
 * 1:27530 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:28045 <-> ENABLED <-> MALWARE-CNC Win.Trojan.VBKrypt variant connection (malware-cnc.rules)
 * 1:26616 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript indexOf rename attempt (indicator-obfuscation.rules)
 * 1:6243 <-> DISABLED <-> PUA-ADWARE Hijacker coolwebsearch cameup outbound connection - home page hijack (pua-adware.rules)
 * 1:7880 <-> DISABLED <-> BROWSER-PLUGINS AxMetaStream.MetaStreamCtlSecondary ActiveX clsid access (browser-plugins.rules)
 * 1:28103 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules)
 * 1:26794 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (server-webapp.rules)
 * 1:27970 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus dropper variant connection (malware-cnc.rules)
 * 1:5835 <-> DISABLED <-> PUA-ADWARE Adware gamespy_arcade runtime detection (pua-adware.rules)
 * 1:8822 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27014 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Epipenwa variant outbound connection (malware-cnc.rules)
 * 1:7004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Internet.HHCtrl.1 ActiveX function call access (browser-plugins.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt (server-webapp.rules)
 * 1:27799 <-> ENABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:26623 <-> DISABLED <-> BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (browser-ie.rules)
 * 1:6212 <-> DISABLED <-> PUA-ADWARE Adware commonname runtime detection (pua-adware.rules)
 * 1:27575 <-> ENABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:6238 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - collect info request 1 (pua-adware.rules)
 * 1:28202 <-> ENABLED <-> FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (file-other.rules)
 * 1:8401 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services DRM Storage ActiveX clsid access (browser-plugins.rules)
 * 1:27183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:5786 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - redirect (pua-adware.rules)
 * 1:5758 <-> DISABLED <-> PUA-ADWARE Hijacker ezcybersearch outbound connection - download fastclick pop-under code (pua-adware.rules)
 * 1:7556 <-> DISABLED <-> PUA-ADWARE Hijacker blazefind outbound connection - search bar (pua-adware.rules)
 * 1:26801 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:458 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 1 (protocol-icmp.rules)
 * 1:3632 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Bitmap width integer overflow attempt (file-image.rules)
 * 1:7825 <-> DISABLED <-> PUA-ADWARE Adware whenu.savenow runtime detection (pua-adware.rules)
 * 1:8782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX function call access (browser-plugins.rules)
 * 1:9635 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (server-other.rules)
 * 1:7600 <-> DISABLED <-> PUA-ADWARE Hijacker adtraffic outbound connection - notfound website search hijack and redirection (pua-adware.rules)
 * 1:27095 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.FakeToken APK file download attempt (os-mobile.rules)
 * 1:7563 <-> DISABLED <-> PUA-ADWARE Adware morpheus runtime detection - ad 2 (pua-adware.rules)
 * 1:7435 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX clsid access (browser-plugins.rules)
 * 1:6246 <-> DISABLED <-> PUA-ADWARE Hijacker exact navisearch outbound connection - search hijack (pua-adware.rules)
 * 1:27966 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Chopper web shell connection (malware-cnc.rules)
 * 1:540 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN message (policy-social.rules)
 * 1:6006 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT Icon Control ActiveX object access (browser-plugins.rules)
 * 1:27264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:4204 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT PolyLine Control 2 ActiveX object access (browser-plugins.rules)
 * 1:7525 <-> DISABLED <-> PUA-TOOLBARS Trackware hotblox toolbar runtime detection - barad.asp request (pua-toolbars.rules)
 * 1:7833 <-> DISABLED <-> PUA-ADWARE Hijacker navexcel helper outbound connection - search (pua-adware.rules)
 * 1:28082 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Malapp APK file download attempt (os-mobile.rules)
 * 1:6252 <-> DISABLED <-> PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - search request (pua-toolbars.rules)
 * 1:5982 <-> DISABLED <-> PUA-TOOLBARS Hijacker seeqtoolbar runtime detection - email login page (pua-toolbars.rules)
 * 1:8737 <-> DISABLED <-> BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX function call access (browser-plugins.rules)
 * 1:5769 <-> DISABLED <-> PUA-ADWARE Hijacker begin2search outbound connection - play bingo ads (pua-adware.rules)
 * 1:5756 <-> DISABLED <-> PUA-ADWARE Hijacker ezcybersearch outbound connection - add coolsites to ie favorites (pua-adware.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:27270 <-> DISABLED <-> SERVER-OTHER GuildFTPd CWD command heap overflow attempt (server-other.rules)
 * 1:28054 <-> DISABLED <-> FILE-OTHER VBScript potential executable write attempt (file-other.rules)
 * 1:5887 <-> DISABLED <-> PUA-ADWARE Hijacker shopnav outbound connection - ie search assistant hijack (pua-adware.rules)
 * 1:6359 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - initial retrieval (pua-adware.rules)
 * 1:5764 <-> DISABLED <-> PUA-ADWARE Hijacker begin2search outbound connection - fcgi query (pua-adware.rules)
 * 1:27921 <-> DISABLED <-> SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (server-oracle.rules)
 * 1:26415 <-> ENABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules)
 * 1:8011 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer English_US Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:5829 <-> DISABLED <-> PUA-ADWARE Trickler clipgenie outbound connection (pua-adware.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:27280 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:6184 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - config upload (pua-adware.rules)
 * 1:7995 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer clbcatq.dll ActiveX clsid access (browser-plugins.rules)
 * 1:6259 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - search forward (pua-adware.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7129 <-> DISABLED <-> PUA-ADWARE Hijacker wowok mp3 bar outbound connection - advertising 2 (pua-adware.rules)
 * 1:7048 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel object record overflow attempt (file-office.rules)
 * 1:27214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:7824 <-> DISABLED <-> PUA-ADWARE Trickler whenu.clocksync outbound connection (pua-adware.rules)
 * 1:8709 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT helper components tcp denial of service attempt (os-windows.rules)
 * 1:26662 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:7826 <-> DISABLED <-> PUA-ADWARE Trickler whenu.weathercast outbound connection - check (pua-adware.rules)
 * 1:26826 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Opfake credential theft attempt (os-mobile.rules)
 * 1:3032 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode SACL overflow attempt (netbios.rules)
 * 1:5841 <-> DISABLED <-> PUA-ADWARE Trickler minibug outbound connection - retrieve weather information (pua-adware.rules)
 * 1:3683 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer spoofed MIME-Type auto-execution attempt (browser-ie.rules)
 * 1:8039 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer syncui.dll ActiveX clsid access (browser-plugins.rules)
 * 1:26688 <-> ENABLED <-> FILE-FLASH Adobe SWF malformed HTML text null dereference attempt (file-flash.rules)
 * 1:8013 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer French_French Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:6444 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW heap overflow attempt (os-windows.rules)
 * 1:5713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow (os-windows.rules)
 * 1:27283 <-> DISABLED <-> BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (browser-plugins.rules)
 * 1:26783 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Opfake APK file download (os-mobile.rules)
 * 1:3038 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE DACL overflow attempt (netbios.rules)
 * 1:27036 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (server-other.rules)
 * 1:6216 <-> DISABLED <-> PUA-ADWARE Adware aornum/iwon copilot runtime detection - config (pua-adware.rules)
 * 1:26486 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:8833 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call access (browser-plugins.rules)
 * 1:6388 <-> DISABLED <-> PUA-ADWARE Hijacker internet optimizer outbound connection - error page hijack (pua-adware.rules)
 * 1:7130 <-> DISABLED <-> PUA-ADWARE Hijacker wowok mp3 bar outbound connection - search assissant hijacking (pua-adware.rules)
 * 1:6232 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - thumbnail (pua-adware.rules)
 * 1:7976 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShellFolder for CD Burning ActiveX clsid access (browser-plugins.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:5921 <-> DISABLED <-> PUA-TOOLBARS Trackware fftoolbar toolbar runtime detection - send user url request (pua-toolbars.rules)
 * 1:26989 <-> DISABLED <-> FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (file-other.rules)
 * 1:6481 <-> DISABLED <-> PUA-ADWARE Hijacker cws.cameup outbound connection - search (pua-adware.rules)
 * 1:6345 <-> DISABLED <-> PUA-ADWARE Adware excite search bar runtime detection - search (pua-adware.rules)
 * 1:4213 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Picture Shape Control ActiveX object access (browser-plugins.rules)
 * 1:4171 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Registration Wizard ActiveX object access (browser-plugins.rules)
 * 1:28127 <-> DISABLED <-> BROWSER-PLUGINS WibuKey Runtime ActiveX function call access (browser-plugins.rules)
 * 1:4173 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (browser-plugins.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27160 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:27643 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Betabot variant connection (malware-cnc.rules)
 * 1:26710 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:27272 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:6234 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - ads (pua-adware.rules)
 * 1:5843 <-> DISABLED <-> PUA-ADWARE Hijacker surfsidekick outbound connection - hijack ie auto search (pua-adware.rules)
 * 1:5861 <-> DISABLED <-> PUA-TOOLBARS Hijacker isearch runtime detection - toolbar information request (pua-toolbars.rules)
 * 1:6255 <-> DISABLED <-> PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - update (pua-toolbars.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:8821 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX function call access (browser-plugins.rules)
 * 1:28083 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000B setup.cgi cross site scripting attempt (server-webapp.rules)
 * 1:4178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Record Navigation Control ActiveX object access (browser-plugins.rules)
 * 1:5979 <-> DISABLED <-> PUA-TOOLBARS Trackware anwb toolbar runtime detection - track user ip address (pua-toolbars.rules)
 * 1:7841 <-> DISABLED <-> PUA-ADWARE Hijacker instafinder error redirect detection (pua-adware.rules)
 * 1:7950 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectAnimation Control ActiveX clsid access (browser-plugins.rules)
 * 1:6349 <-> DISABLED <-> PUA-ADWARE Hijacker richfind update detection (pua-adware.rules)
 * 1:8017 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ICM Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:7575 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - weather request (pua-toolbars.rules)
 * 1:6233 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - delayed (pua-adware.rules)
 * 1:5941 <-> DISABLED <-> PUA-TOOLBARS Trackware supreme toolbar runtime detection - track (pua-toolbars.rules)
 * 1:26650 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (file-pdf.rules)
 * 1:4230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Search Assistant UI ActiveX object access (browser-plugins.rules)
 * 1:7143 <-> DISABLED <-> PUA-ADWARE Adware digink.com runtime detection (pua-adware.rules)
 * 1:5936 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - side search (pua-adware.rules)
 * 1:8023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Italian_Italian Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:6420 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid uuid size attempt (os-windows.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7010 <-> DISABLED <-> BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (browser-plugins.rules)
 * 1:26904 <-> DISABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules)
 * 1:9027 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrJoinDomain2 overflow attempt (os-windows.rules)
 * 1:7991 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ACM Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:27636 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Likseput variant connection (malware-cnc.rules)
 * 1:7142 <-> DISABLED <-> PUA-ADWARE Adware ares flash downloader 2.04 runtime detection (pua-adware.rules)
 * 1:26594 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Management Interface HTTP digest authentication stack buffer overflow attempt (protocol-voip.rules)
 * 1:27558 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bezigate variant outbound connection (malware-cnc.rules)
 * 1:6005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Straight Line Routing Logic 2 ActiveX object access (browser-plugins.rules)
 * 1:7017 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer RDS.DataControl ActiveX function call access (browser-plugins.rules)
 * 1:8789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:28093 <-> DISABLED <-> SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (server-webapp.rules)
 * 1:463 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 7 undefined code (protocol-icmp.rules)
 * 1:7517 <-> DISABLED <-> PUA-ADWARE Hijacker chinese keywords outbound connection (pua-adware.rules)
 * 1:26978 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:4679 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file component name integer overflow multipacket attempt (file-multimedia.rules)
 * 1:5766 <-> DISABLED <-> PUA-ADWARE Hijacker begin2search outbound connection - install spyware trafficsector (pua-adware.rules)
 * 1:8464 <-> DISABLED <-> PUA-ADWARE Adware henbang runtime detection (pua-adware.rules)
 * 1:26633 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html reload loop attempt (browser-ie.rules)
 * 1:8358 <-> DISABLED <-> PUA-ADWARE Hijacker yok supersearch outbound connection - addressbar keyword search hijack (pua-adware.rules)
 * 1:26496 <-> ENABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:7987 <-> DISABLED <-> BROWSER-PLUGINS WebViewFolderIcon.WebViewFolderIcon.2 ActiveX clsid access (browser-plugins.rules)
 * 1:4917 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript onload prompt obfuscation overflow attempt (browser-ie.rules)
 * 1:7015 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer NMSA.MediaDescription ActiveX function call access (browser-plugins.rules)
 * 1:4211 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Library Shape Control ActiveX object access (browser-plugins.rules)
 * 1:27552 <-> DISABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download (os-mobile.rules)
 * 1:6483 <-> DISABLED <-> PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - home page hijacker (pua-toolbars.rules)
 * 1:3820 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CHM file magic detected (file-identify.rules)
 * 1:7050 <-> DISABLED <-> PUA-TOOLBARS Hijacker freecruise toolbar runtime detection (pua-toolbars.rules)
 * 1:8363 <-> DISABLED <-> BROWSER-PLUGINS Business Object Factory ActiveX clsid access (browser-plugins.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:5990 <-> DISABLED <-> PUA-ADWARE Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (pua-adware.rules)
 * 1:27233 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:3148 <-> DISABLED <-> OS-WINDOWS Microsoft Windows winhelp clsid attempt (os-windows.rules)
 * 1:5960 <-> DISABLED <-> PUA-ADWARE Hijacker raxsearch detection - pop-up raxsearch window (pua-adware.rules)
 * 1:6211 <-> DISABLED <-> PUA-ADWARE Adware deskwizz runtime detection - pop-up ad request (pua-adware.rules)
 * 1:6209 <-> DISABLED <-> PUA-ADWARE Adware deskwizz/zquest runtime detection - get config information / ad banner (pua-adware.rules)
 * 1:26615 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript substr rename attempt (indicator-obfuscation.rules)
 * 1:26586 <-> DISABLED <-> SERVER-OTHER PostgreSQL database name command line injection attempt (server-other.rules)
 * 1:6380 <-> DISABLED <-> PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (pua-toolbars.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:6355 <-> DISABLED <-> PUA-ADWARE Trickler wsearch outbound connection - mp3 search (pua-adware.rules)
 * 1:3039 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (netbios.rules)
 * 1:26997 <-> ENABLED <-> MALWARE-CNC OSX.Trojan.Morcut outbound connection (malware-cnc.rules)
 * 1:27844 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos object use-after-free attempt (browser-ie.rules)
 * 1:27232 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:27116 <-> DISABLED <-> OS-MOBILE Android Androrat device information leakage (os-mobile.rules)
 * 1:28102 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS ReportFilterID/reportTemplateID SQL injection attempt (server-other.rules)
 * 1:26927 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:4222 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outllib.dll ActiveX object access (browser-plugins.rules)
 * 1:5963 <-> DISABLED <-> PUA-ADWARE Hijacker searchfast detection - search request (pua-adware.rules)
 * 1:26976 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:26436 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:5874 <-> DISABLED <-> PUA-ADWARE Snoopware pc acme pro outbound connection (pua-adware.rules)
 * 1:7127 <-> DISABLED <-> PUA-ADWARE Hijacker wowok mp3 bar outbound connection - tracking (pua-adware.rules)
 * 1:7009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectAnimation.StructuredGraphicsControl ActiveX function call access (browser-plugins.rules)
 * 1:4182 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MSN Chat v4.5, 4.6 ActiveX object access (browser-plugins.rules)
 * 1:27189 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27099 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SMSSilence device information disclosure attempt (os-mobile.rules)
 * 1:27796 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules)
 * 1:8809 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX function call access (browser-plugins.rules)
 * 1:5755 <-> DISABLED <-> PUA-ADWARE Hijacker ezcybersearch outbound connection - check update (pua-adware.rules)
 * 1:6283 <-> DISABLED <-> PUA-ADWARE Hijacker websearch outbound connection - sitereview (pua-adware.rules)
 * 1:8755 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX function call access (browser-plugins.rules)
 * 1:7524 <-> DISABLED <-> PUA-ADWARE Hijacker moneybar outbound connection - cgispy counter (pua-adware.rules)
 * 1:28056 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.FakeAV APK file download attempt (os-mobile.rules)
 * 1:27761 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office Control ActiveX function call access (browser-plugins.rules)
 * 1:26483 <-> DISABLED <-> SERVER-WEBAPP JavaScript tag in User-Agent field possible XSS attempt (server-webapp.rules)
 * 1:8727 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer XMLHTTP 4.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8546 <-> DISABLED <-> PUA-ADWARE Adware roogoo runtime detection - show ads (pua-adware.rules)
 * 1:27619 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6 usp10.dll Bengali font stack overrun attempt (browser-ie.rules)
 * 1:541 <-> DISABLED <-> POLICY-SOCIAL ICQ access (policy-social.rules)
 * 1:4133 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer devenum clsid attempt (browser-ie.rules)
 * 1:26557 <-> DISABLED <-> SERVER-WEBAPP Wordpress brute-force login attempt (server-webapp.rules)
 * 1:26882 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (browser-ie.rules)
 * 1:6387 <-> DISABLED <-> PUA-ADWARE Hijacker internet optimizer outbound connection - autosearch hijack (pua-adware.rules)
 * 1:8803 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX function call access (browser-plugins.rules)
 * 1:26708 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:7520 <-> DISABLED <-> PUA-TOOLBARS Trackware earthlink toolbar runtime detection - ie autosearch hijack (pua-toolbars.rules)
 * 1:5794 <-> DISABLED <-> PUA-ADWARE Hijacker coolwebsearch.aboutblank variant outbound connection (pua-adware.rules)
 * 1:4224 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VideoPort ActiveX object access (browser-plugins.rules)
 * 1:6347 <-> DISABLED <-> PUA-ADWARE Adware stationripper ad display detection (pua-adware.rules)
 * 1:27908 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wergimog variant outbound connection (malware-cnc.rules)
 * 1:5773 <-> DISABLED <-> PUA-ADWARE Adware forbes runtime detection (pua-adware.rules)
 * 1:5998 <-> DISABLED <-> PUA-P2P Skype client login startup (pua-p2p.rules)
 * 1:7884 <-> DISABLED <-> BROWSER-PLUGINS AolCalSvr.ACCalendarListCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:26530 <-> DISABLED <-> INDICATOR-COMPROMISE Unix.Backdoor.Cdorked redirected URI attempt (indicator-compromise.rules)
 * 1:5947 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - log url (pua-adware.rules)
 * 1:27609 <-> DISABLED <-> POLICY-OTHER Microsoft ADFS endpoint information disclosure attempt (policy-other.rules)
 * 1:6443 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW heap overflow attempt (os-windows.rules)
 * 1:28097 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ohlat variant connection (malware-cnc.rules)
 * 1:6431 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid second uuid size attempt (os-windows.rules)
 * 1:9625 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASX file ref href buffer overflow attempt (os-windows.rules)
 * 1:26765 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX function call access (browser-plugins.rules)
 * 1:8819 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7191 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (pua-adware.rules)
 * 1:28141 <-> ENABLED <-> MALWARE-CNC Win.Trojan.banker outbound communication (malware-cnc.rules)
 * 1:26975 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image uploader ActiveX function call access attempt (browser-plugins.rules)
 * 1:4205 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Database Designer v7.0 ActiveX object access (browser-plugins.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:27230 <-> DISABLED <-> SERVER-WEBAPP Pragyan CMS form.lib.php remove file include attempt (server-webapp.rules)
 * 1:4207 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Audio Decompressor Control Property Page ActiveX object access (browser-plugins.rules)
 * 1:7152 <-> DISABLED <-> PUA-ADWARE Hijacker cnsmin 3721 outbound connection - installation (pua-adware.rules)
 * 1:26472 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:5961 <-> DISABLED <-> PUA-ADWARE Hijacker searchfast detection - news ticker (pua-adware.rules)
 * 1:4164 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:5983 <-> DISABLED <-> PUA-ADWARE Adware powerstrip runtime detection (pua-adware.rules)
 * 1:27817 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tenavt connection (malware-cnc.rules)
 * 1:26394 <-> DISABLED <-> SERVER-OTHER Bopup Communications server buffer overflow attempt (server-other.rules)
 * 1:27284 <-> DISABLED <-> SERVER-WEBAPP SezHoo remote file include in SezHooTabsAndActions.php (server-webapp.rules)
 * 1:26766 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX clsid access (browser-plugins.rules)
 * 1:7008 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.DAUserData ActiveX function call access (browser-plugins.rules)
 * 1:5989 <-> DISABLED <-> PUA-ADWARE Adware broadcastpc runtime detection - get config (pua-adware.rules)
 * 1:5853 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - download ads (pua-adware.rules)
 * 1:27250 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash.9 ActiveX function overflow attempt (browser-plugins.rules)
 * 1:26922 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:27969 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Updays variant connection (malware-cnc.rules)
 * 1:4150 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX function call access (browser-plugins.rules)
 * 1:26588 <-> DISABLED <-> FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (file-java.rules)
 * 1:27526 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:27835 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer AddOption use after free attempt (browser-ie.rules)
 * 1:8015 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer German_German Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:5828 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - connect to station (pua-adware.rules)
 * 1:6382 <-> DISABLED <-> PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - url hook (pua-toolbars.rules)
 * 1:26441 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (indicator-obfuscation.rules)
 * 1:7894 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicDownloadCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:27720 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kolok variant connection (malware-cnc.rules)
 * 1:26768 <-> DISABLED <-> OS-MOBILE Android Fakedoc device information leakage (os-mobile.rules)
 * 1:26471 <-> ENABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:7854 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - config retrieval (pua-adware.rules)
 * 1:27217 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:2923 <-> DISABLED <-> NETBIOS SMB repeated logon failure (netbios.rules)
 * 1:3692 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger File Transfer Initiation Request (policy-social.rules)
 * 1:5929 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - pop-up ad 1 (pua-adware.rules)
 * 1:6495 <-> DISABLED <-> PUA-ADWARE Hijacker troj_spywad.x outbound connection (pua-adware.rules)
 * 1:5752 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - switch search engine 2 (pua-adware.rules)
 * 1:4228 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Start Menu ActiveX object access (browser-plugins.rules)
 * 1:5851 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - .txt .dat and .lst requests (pua-adware.rules)
 * 1:4899 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ISupportErrorInfo Interface ActiveX object access (browser-plugins.rules)
 * 1:3069 <-> DISABLED <-> PROTOCOL-IMAP fetch literal overflow attempt (protocol-imap.rules)
 * 1:28133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:5860 <-> DISABLED <-> PUA-ADWARE Hijacker daosearch outbound connection - search hijack (pua-adware.rules)
 * 1:27123 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 259 buffer overflow attempt (server-other.rules)
 * 1:5776 <-> DISABLED <-> PUA-ADWARE Trickler grokster outbound connection (pua-adware.rules)
 * 1:5754 <-> DISABLED <-> PUA-ADWARE Hijacker ezcybersearch outbound connection - ie auto search hijack (pua-adware.rules)
 * 1:5938 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - third party information collection (pua-adware.rules)
 * 1:3035 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx DACL overflow attempt (netbios.rules)
 * 1:26817 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (file-pdf.rules)
 * 1:8776 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX function call access (browser-plugins.rules)
 * 1:5962 <-> DISABLED <-> PUA-ADWARE Hijacker searchfast detection - catch search keyword (pua-adware.rules)
 * 1:26941 <-> ENABLED <-> MALWARE-CNC Win.Trojan.PipCreat RAT dropper download (malware-cnc.rules)
 * 1:5785 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - get xml setting (pua-adware.rules)
 * 1:26504 <-> ENABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:4186 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Editing ActiveX object access (browser-plugins.rules)
 * 1:4165 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Image Control 1.0 ActiveX object access (browser-plugins.rules)
 * 1:5799 <-> DISABLED <-> BROWSER-PLUGINS mydailyhoroscope update or installation in progress (browser-plugins.rules)
 * 1:5949 <-> DISABLED <-> PUA-TOOLBARS Trackware iggsey toolbar detection - simpleticker.htm request (pua-toolbars.rules)
 * 1:462 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 7 (protocol-icmp.rules)
 * 1:27073 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated getElementsByTagName string - seen in exploit kits (indicator-obfuscation.rules)
 * 1:27818 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint denial of service attempt (server-other.rules)
 * 1:5854 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - pass user information (pua-adware.rules)
 * 1:26440 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (indicator-obfuscation.rules)
 * 1:8806 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX function call access (browser-plugins.rules)
 * 1:27531 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 and 10 information disclosure attempt (browser-ie.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:27578 <-> DISABLED <-> SERVER-OTHER OpenX POST to known backdoored file (server-other.rules)
 * 1:5969 <-> DISABLED <-> PUA-ADWARE trackware searchinweb detection - collect information (pua-adware.rules)
 * 1:8828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:7531 <-> DISABLED <-> PUA-ADWARE Trickler mediaseek.pl client outbound connection - login (pua-adware.rules)
 * 1:26416 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26585 <-> DISABLED <-> INDICATOR-COMPROMISE config.inc.php in iframe (indicator-compromise.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:5849 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - update request (pua-adware.rules)
 * 1:6201 <-> DISABLED <-> PUA-ADWARE Adware twaintec runtime detection (pua-adware.rules)
 * 1:26880 <-> DISABLED <-> MALWARE-CNC Win.Zotob.E gc.exe download (malware-cnc.rules)
 * 1:26451 <-> DISABLED <-> INDICATOR-OBFUSCATION g01pack Javascript substr function wrapper attempt (indicator-obfuscation.rules)
 * 1:27579 <-> DISABLED <-> SERVER-OTHER Sybase Open Server function pointer array code execution attempt (server-other.rules)
 * 1:5866 <-> DISABLED <-> PUA-TOOLBARS Hijacker couponbar runtime detection - download new coupon offers and links (pua-toolbars.rules)
 * 1:6432 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid second uuid size attempt (os-windows.rules)
 * 1:27572 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:8445 <-> DISABLED <-> FILE-OFFICE Microsoft Windows RTF file with embedded object package download attempt (file-office.rules)
 * 1:26469 <-> DISABLED <-> SERVER-ORACLE Oracle WebCenter FatWire Satellite Server header injection on blobheadername2 attempt (server-oracle.rules)
 * 1:5751 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - switch search engine 1 (pua-adware.rules)
 * 1:26517 <-> DISABLED <-> FILE-IDENTIFY maplet bin file download attempt (file-identify.rules)
 * 1:27282 <-> DISABLED <-> BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (browser-plugins.rules)
 * 1:4185 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (browser-plugins.rules)
 * 1:27215 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:8786 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6906 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences callback number overflow attempt (os-windows.rules)
 * 1:3819 <-> DISABLED <-> FILE-IDENTIFY CHM file download request (file-identify.rules)
 * 1:5763 <-> DISABLED <-> PUA-ADWARE Trickler bearshare outbound connection - chat request (pua-adware.rules)
 * 1:27968 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Chopper web shell connection (malware-cnc.rules)
 * 1:4154 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Active Setup ActiveX object access (browser-plugins.rules)
 * 1:4235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Helper Object for Java ActiveX object access (browser-plugins.rules)
 * 1:27279 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:27905 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Helauto variant connection (malware-cnc.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27803 <-> ENABLED <-> MALWARE-CNC Win.Trojan.PRISM outbound connection (malware-cnc.rules)
 * 1:5810 <-> DISABLED <-> PUA-ADWARE Hijacker shop at home select installation in progress (pua-adware.rules)
 * 1:26974 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image uploader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:5911 <-> DISABLED <-> PUA-ADWARE Adware smartpops runtime detection (pua-adware.rules)
 * 1:26487 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:8777 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6183 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - tracked event URL (pua-adware.rules)
 * 1:5867 <-> DISABLED <-> PUA-TOOLBARS Hijacker couponbar runtime detection - get updates to toolbar buttons (pua-toolbars.rules)
 * 1:4175 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000/2002 Web Components PivotTable ActiveX object access (browser-plugins.rules)
 * 1:8744 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7828 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - search request 2 (pua-adware.rules)
 * 1:8063 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ADODB.Stream ActiveX function call access (browser-plugins.rules)
 * 1:7910 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.DropShadow ActiveX clsid access (browser-plugins.rules)
 * 1:3024 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode oversized Security Descriptor attempt (netbios.rules)
 * 1:27120 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:3033 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (netbios.rules)
 * 1:3022 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE oversized Security Descriptor attempt (netbios.rules)
 * 1:5757 <-> DISABLED <-> PUA-TOOLBARS Hijacker ezcybersearch runtime detection - check toolbar setting (pua-toolbars.rules)
 * 1:8375 <-> DISABLED <-> BROWSER-PLUGINS QuickTime Object ActiveX clsid access (browser-plugins.rules)
 * 1:27688 <-> DISABLED <-> SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (server-webapp.rules)
 * 1:7855 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - ad url 2 (pua-adware.rules)
 * 1:26669 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:28073 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Kimsuky variant file stealing (malware-cnc.rules)
 * 1:5891 <-> DISABLED <-> PUA-ADWARE Hijacker shopnav outbound connection - self-update request 2 (pua-adware.rules)
 * 1:6219 <-> DISABLED <-> PUA-ADWARE Adware bonzibuddy runtime detection (pua-adware.rules)
 * 1:26425 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26545 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:7843 <-> DISABLED <-> PUA-ADWARE Hijacker avenuemedia.dyfuca outbound connection - search engine hijack (pua-adware.rules)
 * 1:5972 <-> DISABLED <-> PUA-ADWARE hijacker smart finder detection - ie autosearch hijack 1 (pua-adware.rules)
 * 1:5748 <-> DISABLED <-> PUA-ADWARE Hijacker adultlinks outbound connection - ads (pua-adware.rules)
 * 1:5848 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - ip.php request (pua-adware.rules)
 * 1:7197 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MSO.DLL malformed string parsing single byte buffer over attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:27600 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nawpers variant connection (malware-cnc.rules)
 * 1:27940 <-> DISABLED <-> SERVER-WEBAPP Django web framework oversized password denial of service attempt (server-webapp.rules)
 * 1:8842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call access (browser-plugins.rules)
 * 1:6237 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - check update request (pua-adware.rules)
 * 1:5918 <-> DISABLED <-> PUA-ADWARE Hijacker painter outbound connection - ping 'alive' signal (pua-adware.rules)
 * 1:6378 <-> DISABLED <-> PUA-ADWARE Hijacker adbars outbound connection - homepage hijack (pua-adware.rules)
 * 1:8395 <-> DISABLED <-> BROWSER-PLUGINS DX3DTransform.Microsoft.CrShatter ActiveX clsid access (browser-plugins.rules)
 * 1:27629 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Aumlib outbound connection (malware-cnc.rules)
 * 1:4197 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:5798 <-> DISABLED <-> PUA-ADWARE Adware mydailyhoroscope runtime detection (pua-adware.rules)
 * 1:8003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Content.mbcontent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:8009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer English_UK Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:5862 <-> DISABLED <-> PUA-ADWARE Hijacker isearch outbound connection - search hijack 1 (pua-adware.rules)
 * 1:3023 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (netbios.rules)
 * 1:5859 <-> DISABLED <-> PUA-ADWARE Hijacker daosearch outbound connection - information request (pua-adware.rules)
 * 1:5993 <-> DISABLED <-> PUA-ADWARE Hijacker getmirar outbound connection - track activity (pua-adware.rules)
 * 1:26769 <-> ENABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules)
 * 1:28047 <-> DISABLED <-> SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (server-webapp.rules)
 * 1:8764 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX function call access (browser-plugins.rules)
 * 1:2707 <-> DISABLED <-> FILE-IMAGE JPEG parser multipacket heap overflow attempt (file-image.rules)
 * 1:6200 <-> DISABLED <-> PUA-ADWARE Hijacker smart search outbound connection - get settings (pua-adware.rules)
 * 1:26622 <-> DISABLED <-> BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (browser-ie.rules)
 * 1:8416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language fill method overflow attempt (os-windows.rules)
 * 1:5967 <-> DISABLED <-> PUA-ADWARE trackware searchinweb detection - click result links (pua-adware.rules)
 * 1:27694 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib BytePackedRaster signed integer overflow attempt (file-java.rules)
 * 1:6403 <-> DISABLED <-> SERVER-WEBAPP horde help module arbitrary command execution attempt (server-webapp.rules)
 * 1:5996 <-> DISABLED <-> PUA-ADWARE Adware offeragent runtime detection - ads request (pua-adware.rules)
 * 1:28166 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Bifrose variant connection (malware-cnc.rules)
 * 1:27225 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (server-other.rules)
 * 1:2922 <-> DISABLED <-> PROTOCOL-DNS TCP inverse query (protocol-dns.rules)
 * 1:8791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX function call access (browser-plugins.rules)
 * 1:27074 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated getElementsByTagName string - seen in exploit kits (indicator-obfuscation.rules)
 * 1:27023 <-> DISABLED <-> MALWARE-CNC Trojan.Netweird.A outbound communication (malware-cnc.rules)
 * 1:26484 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:4358 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:27685 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:6258 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - get engine file (pua-adware.rules)
 * 1:7128 <-> DISABLED <-> PUA-ADWARE Hijacker wowok mp3 bar outbound connection - advertising 1 (pua-adware.rules)
 * 1:5927 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - .smx requests (pua-adware.rules)
 * 1:2665 <-> DISABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:8253 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP webdav DavrCreateConnection username overflow attempt (os-windows.rules)
 * 1:27038 <-> DISABLED <-> OS-MOBILE Android Vidro / EClips device information leakage (os-mobile.rules)
 * 1:27693 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib BytePackedRaster signed integer overflow attempt (file-java.rules)
 * 1:5892 <-> DISABLED <-> PUA-TOOLBARS Trackware wordiq toolbar runtime detection - get link info (pua-toolbars.rules)
 * 1:9806 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc GetGroupStatus overflow attempt (netbios.rules)
 * 1:3029 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx SACL overflow attempt (netbios.rules)
 * 1:26501 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (server-other.rules)
 * 1:9801 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:26902 <-> DISABLED <-> FILE-IDENTIFY Android APK download request (file-identify.rules)
 * 1:9795 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9812 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger YMMAPI.YMailAttach ActiveX function call access (browser-plugins.rules)
 * 1:5842 <-> DISABLED <-> PUA-ADWARE Trickler minibug outbound connection - ads (pua-adware.rules)
 * 1:9797 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX function call access (browser-plugins.rules)
 * 1:9800 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (browser-plugins.rules)
 * 1:9816 <-> DISABLED <-> BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX function call access (browser-plugins.rules)
 * 1:9814 <-> DISABLED <-> BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX clsid access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:26901 <-> ENABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager exploit attempt (browser-plugins.rules)
 * 1:3461 <-> DISABLED <-> SERVER-MAIL Content-Type overflow attempt (server-mail.rules)
 * 1:3218 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP winreg OpenKey overflow attempt (os-windows.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:7053 <-> DISABLED <-> PUA-ADWARE Adware webredir runtime detection (pua-adware.rules)
 * 1:8771 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows ADODB.Connection ActiveX function call access (browser-plugins.rules)
 * 1:27030 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:5845 <-> DISABLED <-> PUA-ADWARE Hijacker surfsidekick outbound connection - update request (pua-adware.rules)
 * 1:4155 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access (browser-plugins.rules)
 * 1:26980 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix snmp master agent denial of service attempt (server-other.rules)
 * 1:26442 <-> DISABLED <-> OS-MOBILE Android MDK encrypted information leak (os-mobile.rules)
 * 1:2942 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP winreg InitiateSystemShutdown attempt (netbios.rules)
 * 1:6360 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - update (pua-adware.rules)
 * 1:7853 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - ad url 1 (pua-adware.rules)
 * 1:28215 <-> DISABLED <-> SERVER-WEBAPP vBulletin upgrade.php exploit attempt (server-webapp.rules)
 * 1:7896 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicEditCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7026 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDS.Dataspace ActiveX function call access (browser-plugins.rules)
 * 1:3691 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger Message (policy-social.rules)
 * 1:28074 <-> ENABLED <-> MALWARE-CNC Win.Trojan.ADKR connection (malware-cnc.rules)
 * 1:7054 <-> DISABLED <-> PUA-ADWARE Trickler download arq variant outbound connection (pua-adware.rules)
 * 1:7126 <-> DISABLED <-> PUA-ADWARE Hijacker trojan proxy atiup outbound connection - notification (pua-adware.rules)
 * 1:5924 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - redirect (pua-adware.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:27285 <-> DISABLED <-> SERVER-WEBAPP Gazi Download Portal down_indir.asp SQL injection attempt (server-webapp.rules)
 * 1:3462 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content-Encoding overflow attempt (browser-ie.rules)
 * 1:27018 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:5791 <-> DISABLED <-> PUA-ADWARE Dialer pluginaccess outbound connection - get pin (pua-adware.rules)
 * 1:5864 <-> DISABLED <-> PUA-TOOLBARS Hijacker isearch runtime detection - search in toolbar (pua-toolbars.rules)
 * 1:4225 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository ActiveX object access (browser-plugins.rules)
 * 1:6687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (browser-plugins.rules)
 * 1:26573 <-> DISABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:6367 <-> DISABLED <-> PUA-ADWARE Trickler eacceleration downloadreceiver outbound connection - stop-sign ads (pua-adware.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:5787 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - search (pua-adware.rules)
 * 1:26431 <-> DISABLED <-> SERVER-WEBAPP Apache mod_proxy_balancer cross site scripting attempt (server-webapp.rules)
 * 1:27261 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 215 buffer overflow attempt (server-other.rules)
 * 1:7007 <-> DISABLED <-> BROWSER-PLUGINS AxDebugger.Document.1 ActiveX function call access (browser-plugins.rules)
 * 1:6266 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - check update (pua-adware.rules)
 * 1:27762 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office Control ActiveX clsid access (browser-plugins.rules)
 * 1:26981 <-> DISABLED <-> SERVER-WEBAPP WordPress login denial of service attempt (server-webapp.rules)
 * 1:6007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS OrgChart GDD Layout ActiveX object access (browser-plugins.rules)
 * 1:7595 <-> DISABLED <-> PUA-ADWARE Adware comedy planet runtime detection - collect user information (pua-adware.rules)
 * 1:2921 <-> DISABLED <-> PROTOCOL-DNS UDP inverse query (protocol-dns.rules)
 * 1:6346 <-> DISABLED <-> PUA-ADWARE Adware stationripper update detection (pua-adware.rules)
 * 1:4209 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefStFrObject Class ActiveX object access (browser-plugins.rules)
 * 1:7985 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access (browser-plugins.rules)
 * 1:4072 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:5940 <-> DISABLED <-> PUA-TOOLBARS Trackware supreme toolbar runtime detection - search request (pua-toolbars.rules)
 * 1:3590 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:6240 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - pop up ads (pua-adware.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:27659 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gapz variant connection (malware-cnc.rules)
 * 1:6456 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContext heap overflow attempt (os-windows.rules)
 * 1:8354 <-> DISABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - surf monitoring (pua-adware.rules)
 * 1:5865 <-> DISABLED <-> PUA-ADWARE Adware zapspot runtime detection - pop up ads (pua-adware.rules)
 * 1:27601 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Noobot variant connection (malware-cnc.rules)
 * 1:8033 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27010 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zbot payment .scr download (malware-cnc.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:4134 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer blnmgr clsid attempt (browser-ie.rules)
 * 1:6455 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContext heap overflow attempt (os-windows.rules)
 * 1:27243 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirectAction (server-apache.rules)
 * 1:8721 <-> DISABLED <-> BROWSER-PLUGINS Outlook Data Object ActiveX clsid access (browser-plugins.rules)
 * 1:26832 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:7999 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CDIDeviceActionConfigPage ActiveX clsid access (browser-plugins.rules)
 * 1:3030 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt (netbios.rules)
 * 1:5767 <-> DISABLED <-> PUA-ADWARE Hijacker begin2search outbound connection - download unauthorized code (pua-adware.rules)
 * 1:27117 <-> DISABLED <-> OS-MOBILE Android Androrat sms message leakage (os-mobile.rules)
 * 1:26627 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio SVG external entity local file disclosure attempt (file-office.rules)
 * 1:27167 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27753 <-> DISABLED <-> SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (server-webapp.rules)
 * 1:26705 <-> DISABLED <-> OS-MOBILE Android Ewalls device information exfiltration (os-mobile.rules)
 * 1:7838 <-> DISABLED <-> PUA-ADWARE Adware smiley central runtime detection (pua-adware.rules)
 * 1:7850 <-> DISABLED <-> PUA-ADWARE Trickler maxsearch outbound connection - retrieve command (pua-adware.rules)
 * 1:6248 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - popup (pua-adware.rules)
 * 1:3552 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLE32 MSHTA masquerade attempt (os-windows.rules)
 * 1:26388 <-> DISABLED <-> OS-MOBILE Android Stels server response (os-mobile.rules)
 * 1:28101 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (server-other.rules)
 * 1:7049 <-> DISABLED <-> PUA-ADWARE Hijacker extreme biz outbound connection - uniq1 (pua-adware.rules)
 * 1:26621 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion adminapi information disclosure attempt (server-other.rules)
 * 1:5976 <-> DISABLED <-> PUA-ADWARE hijacker topfive searchassistant detection - side search (pua-adware.rules)
 * 1:5793 <-> DISABLED <-> PUA-ADWARE Dialer pluginaccess outbound connection - redirect (pua-adware.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:3031 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (netbios.rules)
 * 1:6352 <-> DISABLED <-> PUA-ADWARE Hijacker adblock auto search redirect detection (pua-adware.rules)
 * 1:4216 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CComAcctImport ActiveX object access (browser-plugins.rules)
 * 1:28005 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kuluoz outbound command (malware-cnc.rules)
 * 1:6008 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DT DDS OrgChart GDD Route ActiveX object access (browser-plugins.rules)
 * 1:26797 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (server-webapp.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:4754 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (os-windows.rules)
 * 1:8815 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:5858 <-> DISABLED <-> PUA-TOOLBARS Adware praizetoolbar runtime detection (pua-toolbars.rules)
 * 1:8353 <-> DISABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - auto update (pua-adware.rules)
 * 1:5903 <-> DISABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - get ads (pua-adware.rules)
 * 1:5852 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - cache.dat request (pua-adware.rules)
 * 1:4200 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Index Server Scope Administration ActiveX object access (browser-plugins.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:27179 <-> ENABLED <-> BROWSER-PLUGINS Oracle document capture EMPOP3Lib ActiveX clsid access attempt (browser-plugins.rules)
 * 1:28042 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Caphaw outbound connection (malware-cnc.rules)
 * 1:8373 <-> DISABLED <-> BROWSER-PLUGINS VsmIDE.DTE ActiveX clsid access (browser-plugins.rules)
 * 1:27593 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - split (indicator-obfuscation.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:26632 <-> DISABLED <-> SERVER-WEBAPP Microsoft Windows 2012 Server additional empty Accept-Encoding field denial of service attempt (server-webapp.rules)
 * 1:4140 <-> DISABLED <-> SERVER-OTHER tcpdump tcp LDP print zero length message denial of service attempt (server-other.rules)
 * 1:4161 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:27573 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:4180 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Scan Control ActiveX object access (browser-plugins.rules)
 * 1:27967 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Chopper web shell connection (malware-cnc.rules)
 * 1:27205 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:7886 <-> DISABLED <-> BROWSER-PLUGINS AolCalSvr.ACDictionary ActiveX clsid access (browser-plugins.rules)
 * 1:26640 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML digital signature transformation of digest value (browser-ie.rules)
 * 1:27184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:27726 <-> ENABLED <-> MALWARE-CNC Orbit Downloader denial of service update (malware-cnc.rules)
 * 1:28128 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:26429 <-> ENABLED <-> FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (file-flash.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:27118 <-> DISABLED <-> OS-MOBILE Android Androrat contact list leakage (os-mobile.rules)
 * 1:8837 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26693 <-> DISABLED <-> OS-MOBILE Android Antammi device information exfiltration (os-mobile.rules)
 * 1:8818 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:9629 <-> DISABLED <-> BROWSER-PLUGINS Citrix.ICAClient ActiveX clsid access (browser-plugins.rules)
 * 1:7553 <-> DISABLED <-> PUA-ADWARE Adware hxdl runtime detection - hxlogonly user-agent (pua-adware.rules)
 * 1:27699 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tartober variant connection (malware-cnc.rules)
 * 1:3034 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE DACL overflow attempt (netbios.rules)
 * 1:27630 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Aumlib outbound connection (malware-cnc.rules)
 * 1:7922 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX clsid access (browser-plugins.rules)
 * 1:6188 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - bar (pua-adware.rules)
 * 1:27226 <-> DISABLED <-> SERVER-WEBAPP DokuWiki PHP file inclusion attempt (server-webapp.rules)
 * 1:28052 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (server-webapp.rules)
 * 1:27045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blocker Download (malware-cnc.rules)
 * 1:8045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid access (browser-plugins.rules)
 * 1:556 <-> DISABLED <-> PUA-P2P Outbound GNUTella client request (pua-p2p.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:28125 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banbra variant connection (malware-cnc.rules)
 * 1:9626 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access (browser-plugins.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:6253 <-> DISABLED <-> PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - log user ativity (pua-toolbars.rules)
 * 1:4145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Trouble Shooter ActiveX object access (browser-plugins.rules)
 * 1:27821 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation attempt (file-office.rules)
 * 1:27735 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - document - seen in IFRAMEr Tool usage (indicator-obfuscation.rules)
 * 1:27206 <-> DISABLED <-> BROWSER-PLUGINS SigPlus Pro ActiveX clsid access (browser-plugins.rules)
 * 1:27711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV outbound connection (malware-cnc.rules)
 * 1:26843 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 array element property use after free attempt (browser-ie.rules)
 * 1:4168 <-> DISABLED <-> BROWSER-PLUGINS Shell Automation Service ActiveX object access (browser-plugins.rules)
 * 1:26907 <-> DISABLED <-> SERVER-WEBAPP TWiki search function remote code execution attempt (server-webapp.rules)
 * 1:7580 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - update (pua-toolbars.rules)
 * 1:27631 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Aumlib outbound connection (malware-cnc.rules)
 * 1:7932 <-> DISABLED <-> BROWSER-PLUGINS FolderItems3 ActiveX clsid access (browser-plugins.rules)
 * 1:7577 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - collect information (pua-toolbars.rules)
 * 1:5811 <-> DISABLED <-> PUA-ADWARE shop at home select installation in progress - clsid detected (pua-adware.rules)
 * 1:7014 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer NMSA.ASFSourceMediaDescription.1 ActiveX function call access (browser-plugins.rules)
 * 1:27727 <-> ENABLED <-> MALWARE-CNC Orbit Downloader denial of service update (malware-cnc.rules)
 * 1:6419 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid uuid size attempt (os-windows.rules)
 * 1:26547 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (server-webapp.rules)
 * 1:26422 <-> DISABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules)
 * 1:7193 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - startup access (pua-adware.rules)
 * 1:6496 <-> DISABLED <-> PUA-ADWARE Adware adpowerzone runtime detection (pua-adware.rules)
 * 1:7936 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Glow ActiveX clsid access (browser-plugins.rules)
 * 1:8091 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer error message format string vulnerability attempt (file-multimedia.rules)
 * 1:26620 <-> DISABLED <-> INDICATOR-OBFUSCATION multiple comment tags used in embedded RTF object - potentially malicious (indicator-obfuscation.rules)
 * 1:27617 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27745 <-> DISABLED <-> BROWSER-PLUGINS BaoFeng Storm ActiveX control SetAttributeValue method buffer overflow attempt (browser-plugins.rules)
 * 1:26542 <-> DISABLED <-> SERVER-OTHER Autonomy Ultraseek cs.html url parameter with url - possible malicious redirection attempt (server-other.rules)
 * 1:8468 <-> DISABLED <-> PUA-ADWARE Hijacker accoona outbound connection - collect info (pua-adware.rules)
 * 1:7598 <-> DISABLED <-> PUA-TOOLBARS Snoopware 2-seek runtime detection - search in toolbar (pua-toolbars.rules)
 * 1:8779 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX function call access (browser-plugins.rules)
 * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7532 <-> DISABLED <-> PUA-ADWARE Adware piolet runtime detection - user-agent (pua-adware.rules)
 * 1:8391 <-> DISABLED <-> BROWSER-PLUGINS RFXInstMgr Class ActiveX clsid access (browser-plugins.rules)
 * 1:6251 <-> DISABLED <-> PUA-ADWARE Adware hotbar runtime detection - hostie user-agent (pua-adware.rules)
 * 1:7954 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ComboBox ActiveX clsid access (browser-plugins.rules)
 * 1:8761 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX function call access (browser-plugins.rules)
 * 1:5935 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - search request 3 (pua-adware.rules)
 * 1:6244 <-> DISABLED <-> PUA-ADWARE Hijacker coolwebsearch cameup outbound connection - ie auto search hijack (pua-adware.rules)
 * 1:7930 <-> DISABLED <-> BROWSER-PLUGINS FolderItem2 ActiveX clsid access (browser-plugins.rules)
 * 1:27917 <-> DISABLED <-> PUA-TOOLBARS Vittalia adware outbound connection - offers (pua-toolbars.rules)
 * 1:6375 <-> DISABLED <-> PUA-ADWARE Trickler spyblocs.eblocs detection - register request (pua-adware.rules)
 * 1:3171 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:5944 <-> DISABLED <-> PUA-ADWARE Adware free access bar runtime detection 1 (pua-adware.rules)
 * 1:27187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:26410 <-> DISABLED <-> INDICATOR-COMPROMISE IP address check to j.maxmind.com detected (indicator-compromise.rules)
 * 1:7518 <-> DISABLED <-> PUA-TOOLBARS Trackware earthlink toolbar runtime detection - get up-to-date news info (pua-toolbars.rules)
 * 1:7022 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer invalid url file overflow attempt (os-windows.rules)
 * 1:7543 <-> DISABLED <-> PUA-ADWARE Hijacker 2020search outbound connection (pua-adware.rules)
 * 1:26495 <-> ENABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:497 <-> DISABLED <-> INDICATOR-COMPROMISE file copied ok (indicator-compromise.rules)
 * 1:26945 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Bisonal RAT beacon (malware-cnc.rules)
 * 1:27910 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kovter variant connection (malware-cnc.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:27577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:8747 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27244 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules)
 * 1:5890 <-> DISABLED <-> PUA-ADWARE Hijacker shopnav outbound connection - self-update request 1 (pua-adware.rules)
 * 1:7997 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_ApprenticeICW ActiveX clsid access (browser-plugins.rules)
 * 1:5743 <-> DISABLED <-> PUA-ADWARE Hijacker actualnames outbound connection - plugin list (pua-adware.rules)
 * 1:7521 <-> DISABLED <-> PUA-TOOLBARS Trackware earthlink toolbar runtime detection - search toolbar request 1 (pua-toolbars.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:27286 <-> DISABLED <-> SERVER-WEBAPP DuWare DuClassmate default.asp iCity sql injection attempt (server-webapp.rules)
 * 1:6213 <-> DISABLED <-> PUA-ADWARE Hijacker 7fasst outbound connection - auto requests (pua-adware.rules)
 * 1:6189 <-> DISABLED <-> PUA-TOOLBARS Trackware try2find detection (pua-toolbars.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:6505 <-> DISABLED <-> FILE-IMAGE Apple QuickTime fpx file SectNumMiniFAT overflow attempt (file-image.rules)
 * 1:6002 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Layout ActiveX object access (browser-plugins.rules)
 * 1:27811 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mindweq variant connection (malware-cnc.rules)
 * 1:9652 <-> DISABLED <-> PUA-ADWARE Hijacker oemji bar outbound connection (pua-adware.rules)
 * 1:5946 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - monitor user web activity (pua-adware.rules)
 * 1:5995 <-> DISABLED <-> PUA-ADWARE Adware offeragent runtime detection - information checking (pua-adware.rules)
 * 1:5768 <-> DISABLED <-> PUA-ADWARE Hijacker begin2search outbound connection - pass information (pua-adware.rules)
 * 1:5984 <-> DISABLED <-> PUA-TOOLBARS Trackware push toolbar installtime detection - user information collect (pua-toolbars.rules)
 * 1:7526 <-> DISABLED <-> PUA-TOOLBARS Trackware hotblox toolbar runtime detection - stat counter (pua-toolbars.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:26626 <-> DISABLED <-> FILE-OFFICE Microsoft Office XML parameter entity reference local file disclosure attempt (file-office.rules)
 * 1:27182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:8839 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call access (browser-plugins.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:27208 <-> DISABLED <-> BROWSER-PLUGINS Symantec WinFax Pro ActiveX heap buffer overflow attempt (browser-plugins.rules)
 * 1:27186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:4160 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Reporting Tool ActiveX object access (browser-plugins.rules)
 * 1:7993 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer clbcatex.dll ActiveX clsid access (browser-plugins.rules)
 * 1:8723 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 11.0 ActiveX clsid access (browser-plugins.rules)
 * 1:26590 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:6185 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - reporting keyword (pua-adware.rules)
 * 1:6275 <-> DISABLED <-> PUA-ADWARE Hijacker incredifind outbound connection - cookie (pua-adware.rules)
 * 1:27166 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:6268 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - download exe (pua-adware.rules)
 * 1:26392 <-> ENABLED <-> PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (protocol-scada.rules)
 * 1:8399 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.WebCapture ActiveX clsid access (browser-plugins.rules)
 * 1:27125 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27216 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:8035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8393 <-> DISABLED <-> BROWSER-PLUGINS WebDetectFrm ActiveX clsid access (browser-plugins.rules)
 * 1:27173 <-> ENABLED <-> BROWSER-PLUGINS Cisco AnyConnect mobility client activex clsid access attempt (browser-plugins.rules)
 * 1:26455 <-> DISABLED <-> SERVER-OTHER UltraVNC Listening mode stack buffer overflow attempt (server-other.rules)
 * 1:7536 <-> DISABLED <-> PUA-ADWARE Hijacker clearsearch variant outbound connection - popup (pua-adware.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:5885 <-> DISABLED <-> PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (pua-toolbars.rules)
 * 1:26953 <-> DISABLED <-> SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (server-webapp.rules)
 * 1:26639 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML digital signature transformation of digest value (browser-ie.rules)
 * 1:5792 <-> DISABLED <-> PUA-ADWARE Dialer pluginaccess outbound connection - active proxy (pua-adware.rules)
 * 1:28209 <-> ENABLED <-> MALWARE-CNC Win.Worm.IRCbot outbound communication (malware-cnc.rules)
 * 1:7840 <-> DISABLED <-> PUA-TOOLBARS Hijacker instafinder initial configuration detection (pua-toolbars.rules)
 * 1:8073 <-> DISABLED <-> PUA-TOOLBARS Adware zango toolbar runtime detection (pua-toolbars.rules)
 * 1:27644 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Merong variant connection (malware-cnc.rules)
 * 1:27240 <-> DISABLED <-> SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (server-other.rules)
 * 1:27755 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules)
 * 1:5710 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (os-windows.rules)
 * 1:28212 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Bitsto variant connection (malware-cnc.rules)
 * 1:6479 <-> DISABLED <-> PUA-ADWARE Snoopware totalvelocity zsearch outbound connection (pua-adware.rules)
 * 1:4215 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Popup Window ActiveX object access (browser-plugins.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:27001 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (server-other.rules)
 * 1:26602 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:5919 <-> DISABLED <-> PUA-ADWARE Hijacker painter outbound connection - redirect to klikvipsearch (pua-adware.rules)
 * 1:3967 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList attempt (os-windows.rules)
 * 1:7573 <-> DISABLED <-> PUA-ADWARE Trickler album galaxy outbound connection - p2p gnutella (pua-adware.rules)
 * 1:28106 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload information upload (malware-cnc.rules)
 * 1:6267 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - get update (pua-adware.rules)
 * 1:5677 <-> DISABLED <-> NETBIOS SMB Session Setup username overflow attempt (netbios.rules)
 * 1:26549 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:5803 <-> DISABLED <-> PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (pua-toolbars.rules)
 * 1:4227 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Network Connections ActiveX object access (browser-plugins.rules)
 * 1:28081 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Malapp APK file download attempt (os-mobile.rules)
 * 1:5926 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - collect information (pua-adware.rules)
 * 1:7848 <-> DISABLED <-> PUA-TOOLBARS Hijacker netguide runtime detection (pua-toolbars.rules)
 * 1:8831 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26417 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:27826 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (server-webapp.rules)
 * 1:28072 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Omexo outbound communication (malware-cnc.rules)
 * 1:27827 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (server-webapp.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:4158 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player Active Movie ActiveX object access (browser-plugins.rules)
 * 1:28025 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in iframe injection (indicator-obfuscation.rules)
 * 1:26644 <-> DISABLED <-> SERVER-OTHER SSL TLS DEFLATE compression detected (server-other.rules)
 * 1:6373 <-> DISABLED <-> PUA-ADWARE Trickler spyblocs eblocs detection - stbarpat.dat (pua-adware.rules)
 * 1:5945 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - track.cgi request (pua-adware.rules)
 * 1:8816 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27684 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:9129 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6263 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - collect information (pua-adware.rules)
 * 1:7970 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PostBootReminder object ActiveX clsid access (browser-plugins.rules)
 * 1:5750 <-> DISABLED <-> PUA-TOOLBARS Adware dogpile runtime detection (pua-toolbars.rules)
 * 1:4167 <-> DISABLED <-> BROWSER-PLUGINS MSN Heartbeat ActiveX clsid access (browser-plugins.rules)
 * 1:26518 <-> DISABLED <-> FILE-IDENTIFY maplet bin file attachment detected (file-identify.rules)
 * 1:8845 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call access (browser-plugins.rules)
 * 1:6214 <-> DISABLED <-> PUA-ADWARE Hijacker 7fasst outbound connection - search (pua-adware.rules)
 * 1:7844 <-> DISABLED <-> PUA-ADWARE Hijacker avenuemedia.dyfuca outbound connection - post data (pua-adware.rules)
 * 1:27852 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word invalid number of cells memory corruption attempt (file-office.rules)
 * 1:27203 <-> DISABLED <-> INDICATOR-COMPROMISE Apache auto_prepend_file a.control.bin C2 traffic (indicator-compromise.rules)
 * 1:26528 <-> DISABLED <-> INDICATOR-COMPROMISE Unix.Backdoor.Cdorked redirect attempt (indicator-compromise.rules)
 * 1:8469 <-> DISABLED <-> PUA-ADWARE Hijacker accoona outbound connection - open sidebar search url (pua-adware.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8365 <-> DISABLED <-> BROWSER-PLUGINS DExplore.AppObj.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:27016 <-> DISABLED <-> OS-MOBILE Android AnserverBot initial contact (os-mobile.rules)
 * 1:27604 <-> DISABLED <-> POLICY-SPAM FedEX spam campaign outbound connection (policy-spam.rules)
 * 1:5850 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - check update (pua-adware.rules)
 * 1:7005 <-> DISABLED <-> BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX function call access (browser-plugins.rules)
 * 1:7874 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PivotTable 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:26414 <-> ENABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server executable file upload attempt (protocol-scada.rules)
 * 1:6278 <-> DISABLED <-> PUA-TOOLBARS Trickler navexcel search toolbar runtime detection - activate/update (pua-toolbars.rules)
 * 1:4193 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Editing ActiveX object access (browser-plugins.rules)
 * 1:26433 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:5953 <-> DISABLED <-> PUA-ADWARE Hijacker 123mania outbound connection - sidesearch hijacking (pua-adware.rules)
 * 1:8031 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mslablti.MarshalableTI.1 ActiveX clsid access (browser-plugins.rules)
 * 1:4219 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Network Connections Tray ActiveX object access (browser-plugins.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:7570 <-> DISABLED <-> PUA-ADWARE Hijacker linkspider search bar outbound connection - ads (pua-adware.rules)
 * 1:6681 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Transform Effects ActiveX clsid access (browser-plugins.rules)
 * 1:4755 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (os-windows.rules)
 * 1:26699 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:27268 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:26991 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:28033 <-> ENABLED <-> MALWARE-CNC Win.Ransomware.Urausy variant outbound connection (malware-cnc.rules)
 * 1:27763 <-> DISABLED <-> BROWSER-PLUGINS Husdawg System Requirements Lab Control ActiveX clsid access (browser-plugins.rules)
 * 1:4199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (browser-plugins.rules)
 * 1:26551 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:8428 <-> DISABLED <-> SERVER-OTHER SSLv2 openssl get shared ciphers overflow attempt (server-other.rules)
 * 1:6215 <-> DISABLED <-> PUA-ADWARE Hijacker 7fasst outbound connection - track (pua-adware.rules)
 * 1:7902 <-> DISABLED <-> BROWSER-PLUGINS CDDBControlAOL.CDDBAOLControl ActiveX clsid access (browser-plugins.rules)
 * 1:26427 <-> DISABLED <-> PROTOCOL-DNS ISC libdns client NAPTR record regular expression handling denial of service attempt (protocol-dns.rules)
 * 1:26694 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader dll injection sandbox escape (file-pdf.rules)
 * 1:7974 <-> DISABLED <-> BROWSER-PLUGINS Rendezvous Class ActiveX clsid access (browser-plugins.rules)
 * 1:8367 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.DbgClr.DTE.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:26944 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Post_Show RAT beacon (malware-cnc.rules)
 * 1:6247 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - help redirect (pua-adware.rules)
 * 1:5809 <-> DISABLED <-> PUA-ADWARE Hijacker shop at home select merchant redirect in progress (pua-adware.rules)
 * 1:3019 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx oversized Security Descriptor attempt (netbios.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:5741 <-> DISABLED <-> FILE-OTHER Microsoft HTML help workshop buffer overflow attempt (file-other.rules)
 * 1:27914 <-> DISABLED <-> PUA-ADWARE Vittalia adware - post install (pua-adware.rules)
 * 1:7831 <-> DISABLED <-> PUA-ADWARE Adware downloadplus runtime detection (pua-adware.rules)
 * 1:3146 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:27730 <-> DISABLED <-> INDICATOR-COMPROMISE request for potential web shell - /css3.jsp (indicator-compromise.rules)
 * 1:3473 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer SMIL file overflow attempt (file-multimedia.rules)
 * 1:8448 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel colinfo XF record overflow attempt (file-office.rules)
 * 1:6714 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences phonebook mode overflow attempt (os-windows.rules)
 * 1:8725 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows System Monitor ActiveX clsid access (browser-plugins.rules)
 * 1:26903 <-> DISABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules)
 * 1:7006 <-> DISABLED <-> BROWSER-PLUGINS ASControls.InstallEngineCtl ActiveX function call access (browser-plugins.rules)
 * 1:9639 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Address Book file magic detected (file-identify.rules)
 * 1:7020 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled function buffer overflow (browser-ie.rules)
 * 1:7898 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicSsvrCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:27862 <-> ENABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:9668 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX clsid access (browser-plugins.rules)
 * 1:7926 <-> DISABLED <-> BROWSER-PLUGINS DXTFilter ActiveX clsid access (browser-plugins.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:26707 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:5826 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - pass user info to server (pua-adware.rules)
 * 1:4229 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAPP Export Support for Office Access ActiveX object access (browser-plugins.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:26767 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp embed access (browser-plugins.rules)
 * 1:5840 <-> DISABLED <-> PUA-ADWARE Hijacker sep outbound connection (pua-adware.rules)
 * 1:28087 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SmsSpy APK file download attempt (os-mobile.rules)
 * 1:26619 <-> DISABLED <-> INDICATOR-OBFUSCATION multiple comment tags used in embedded RTF object - potentially malicious (indicator-obfuscation.rules)
 * 1:6478 <-> DISABLED <-> PUA-TOOLBARS Trackware searchingall toolbar runtime detection - send user url request (pua-toolbars.rules)
 * 1:8773 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX function call access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:7035 <-> DISABLED <-> OS-WINDOWS SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:26430 <-> ENABLED <-> FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (file-flash.rules)
 * 1:7892 <-> DISABLED <-> BROWSER-PLUGINS AOL Phobos Class ActiveX clsid access (browser-plugins.rules)
 * 1:27820 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation attempt (file-office.rules)
 * 1:27570 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function stringtoBinary access attempt (browser-plugins.rules)
 * 1:4177 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:7594 <-> DISABLED <-> PUA-ADWARE Adware comedy planet runtime detection - ads (pua-adware.rules)
 * 1:4191 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (browser-plugins.rules)
 * 1:27234 <-> DISABLED <-> SERVER-OTHER Microsoft Active Directory LDAP search denial of service attempt (server-other.rules)
 * 1:7562 <-> DISABLED <-> PUA-ADWARE Adware morpheus runtime detection - ad 1 (pua-adware.rules)
 * 1:6265 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - engine (pua-adware.rules)
 * 1:26973 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules)
 * 1:498 <-> DISABLED <-> INDICATOR-COMPROMISE id check returned root (indicator-compromise.rules)
 * 1:26998 <-> ENABLED <-> MALWARE-CNC OSX.Trojan.Morcut file download (malware-cnc.rules)
 * 1:27945 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:6236 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - pass info to server (pua-adware.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:6250 <-> DISABLED <-> PUA-ADWARE Adware hotbar runtime detection - hotbar user-agent (pua-adware.rules)
 * 1:26992 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:6467 <-> DISABLED <-> POLICY-SOCIAL jabber traffic detected (policy-social.rules)
 * 1:27665 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Castov variant connection (malware-cnc.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:3021 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (netbios.rules)
 * 1:26420 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:4174 <-> DISABLED <-> BROWSER-PLUGINS Symantec RuFSI registry Information Class ActiveX object access (browser-plugins.rules)
 * 1:6249 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - redirect (pua-adware.rules)
 * 1:8025 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HTML Window Security Proxy ActiveX clsid access (browser-plugins.rules)
 * 1:7137 <-> DISABLED <-> PUA-ADWARE Hijacker dsrch outbound connection - side search redirect (pua-adware.rules)
 * 1:5886 <-> DISABLED <-> PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - pass info to server (pua-toolbars.rules)
 * 1:26905 <-> DISABLED <-> SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (server-webapp.rules)
 * 1:27758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:4162 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:27170 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:4212 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Generic Class ActiveX object access (browser-plugins.rules)
 * 1:27729 <-> DISABLED <-> INDICATOR-COMPROMISE request for potential web shell - /Silic.jsp (indicator-compromise.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:6196 <-> DISABLED <-> PUA-ADWARE Hijacker smart shopper outbound connection - services requests (pua-adware.rules)
 * 1:5985 <-> DISABLED <-> PUA-TOOLBARS Trackware push toolbar runtime detection - toolbar information request (pua-toolbars.rules)
 * 1:26601 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:26885 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (browser-ie.rules)
 * 1:26519 <-> DISABLED <-> FILE-IDENTIFY maplet bin file attachment detected (file-identify.rules)
 * 1:26982 <-> ENABLED <-> FILE-FLASH Adobe SWF remote memory corruption attempt (file-flash.rules)
 * 1:7940 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX clsid access (browser-plugins.rules)
 * 1:27757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:28130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:7554 <-> DISABLED <-> PUA-ADWARE Adware hxdl runtime detection - hxdownload user-agent (pua-adware.rules)
 * 1:8753 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX clsid access (browser-plugins.rules)
 * 1:5871 <-> DISABLED <-> PUA-ADWARE Trickler VX2/ABetterInternet transponder thinstaller outbound connection - post information (pua-adware.rules)
 * 1:8007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dutch_Dutch Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:9619 <-> DISABLED <-> FILE-OTHER Gnu gv buffer overflow attempt (file-other.rules)
 * 1:6282 <-> DISABLED <-> PUA-TOOLBARS Hijacker customtoolbar runtime detection (pua-toolbars.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:27965 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Eupuds variant connection (malware-cnc.rules)
 * 1:27262 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 263 buffer overflow attempt (server-other.rules)
 * 1:27031 <-> DISABLED <-> OS-MOBILE Android Satfi device information leakage (os-mobile.rules)
 * 1:8840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:5916 <-> DISABLED <-> PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - sidebar search (pua-toolbars.rules)
 * 1:27655 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Enchanim variant connection (malware-cnc.rules)
 * 1:7952 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectAnimation Windowed Control ActiveX clsid access (browser-plugins.rules)
 * 1:6342 <-> DISABLED <-> PUA-ADWARE Hijacker spediabar outbound connection - info check (pua-adware.rules)
 * 1:3067 <-> DISABLED <-> PROTOCOL-IMAP examine literal overflow attempt (protocol-imap.rules)
 * 1:28079 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Napolar outbound connection (malware-cnc.rules)
 * 1:5855 <-> DISABLED <-> PUA-ADWARE Hijacker funbuddyicons outbound connection - request config (pua-adware.rules)
 * 1:8801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX clsid access (browser-plugins.rules)
 * 1:3143 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 command response overflow attempt (os-windows.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:26831 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control access (file-office.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:28144 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Wpbrutebot variant connection (malware-cnc.rules)
 * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:9637 <-> DISABLED <-> FILE-OTHER Adobe Download Manger dm.ini stack overflow attempt (file-other.rules)
 * 1:9641 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF simple index object parsing buffer overflow attempt (os-windows.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:27028 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:8813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:4170 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access (browser-plugins.rules)
 * 1:7155 <-> DISABLED <-> PUA-ADWARE Trickler jubster outbound connection (pua-adware.rules)
 * 1:6203 <-> DISABLED <-> PUA-ADWARE Trickler farmmext outbound connection - drk.syn request (pua-adware.rules)
 * 1:26798 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:6230 <-> DISABLED <-> PUA-TOOLBARS Hijacker i-lookup runtime detection (pua-toolbars.rules)
 * 1:4157 <-> DISABLED <-> BROWSER-PLUGINS MSN Setup BBS 4.71.0.10 ActiveX object access (browser-plugins.rules)
 * 1:26938 <-> DISABLED <-> OS-MOBILE Android Tetus device information leakage (os-mobile.rules)
 * 1:5994 <-> DISABLED <-> PUA-ADWARE Hijacker getmirar outbound connection - click related button (pua-adware.rules)
 * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:5807 <-> DISABLED <-> PUA-ADWARE Hijacker shopathomeselect outbound connection (pua-adware.rules)
 * 1:28100 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS deleteReportFilter SQL injection attempt (server-other.rules)
 * 1:7588 <-> DISABLED <-> PUA-ADWARE Trickler urlblaze outbound connection - files search or download (pua-adware.rules)
 * 1:27249 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:8064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet.Typelib ActiveX clsid access (browser-plugins.rules)
 * 1:5692 <-> DISABLED <-> PUA-P2P Skype client successful install (pua-p2p.rules)
 * 1:8001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CommunicationManager ActiveX clsid access (browser-plugins.rules)
 * 1:27732 <-> DISABLED <-> INDICATOR-COMPROMISE request for potential web shell - /jspspy.jsp (indicator-compromise.rules)
 * 1:4188 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer RAV Online Scanner ActiveX object access (browser-plugins.rules)
 * 1:6348 <-> DISABLED <-> PUA-ADWARE Snoopware zenosearch outbound connection (pua-adware.rules)
 * 1:26567 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:5937 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - pass information to its controlling server (pua-adware.rules)
 * 1:4132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msdds clsid attempt (browser-ie.rules)
 * 1:26490 <-> ENABLED <-> BROWSER-OTHER Novell Messenger Client nim URI handler buffer overflow attempt (browser-other.rules)
 * 1:6504 <-> DISABLED <-> FILE-OTHER Sophos Anti-Virus CAB file overflow attempt (file-other.rules)
 * 1:5884 <-> DISABLED <-> PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - check toolbar & category info (pua-toolbars.rules)
 * 1:6517 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX clsid access (browser-plugins.rules)
 * 1:5952 <-> DISABLED <-> PUA-ADWARE Hijacker 123mania outbound connection - autosearch hijacking (pua-adware.rules)
 * 1:7194 <-> DISABLED <-> PUA-ADWARE Hijacker shopprreports outbound connection - services requests (pua-adware.rules)
 * 1:27913 <-> DISABLED <-> PUA-ADWARE Vittalia adware - get ads (pua-adware.rules)
 * 1:7052 <-> DISABLED <-> PUA-ADWARE Trickler generic downloader.g outbound connection - adv (pua-adware.rules)
 * 1:27089 <-> DISABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:3132 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image width download attempt (file-image.rules)
 * 1:27839 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer range markup switch use after free attempt (browser-ie.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (server-other.rules)
 * 1:4648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer wang image admin activex object access (browser-plugins.rules)
 * 1:4198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (browser-plugins.rules)
 * 1:27267 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:26830 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control access (file-office.rules)
 * 1:27759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Treizt variant connection (malware-cnc.rules)
 * 1:28094 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Liteol variant connection (malware-cnc.rules)
 * 1:27227 <-> DISABLED <-> SERVER-WEBAPP txtSQL startup.php remote file include attempt (server-webapp.rules)
 * 1:4163 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:27840 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer range markup switch use after free attempt (browser-ie.rules)
 * 1:7141 <-> DISABLED <-> PUA-ADWARE Adware pay-per-click runtime detection - update (pua-adware.rules)
 * 1:6480 <-> DISABLED <-> PUA-ADWARE Hijacker cws.cameup outbound connection - home page (pua-adware.rules)
 * 1:6506 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime udta atom overflow attempt (file-multimedia.rules)
 * 1:7983 <-> DISABLED <-> BROWSER-PLUGINS SuperBuddy Class ActiveX clsid access (browser-plugins.rules)
 * 1:27275 <-> DISABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules)
 * 1:28055 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.FakeAV outbound communication attempt (os-mobile.rules)
 * 1:27098 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SMSSilence unsolicited sms attempt (os-mobile.rules)
 * 1:26598 <-> DISABLED <-> FILE-OTHER .tar multiple antivirus evasion attempt (file-other.rules)
 * 1:26523 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (server-webapp.rules)
 * 1:26940 <-> ENABLED <-> MALWARE-CNC Win.Trojan.TripleNine RAT beacon (malware-cnc.rules)
 * 1:26423 <-> DISABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules)
 * 1:27947 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:27047 <-> DISABLED <-> INDICATOR-COMPROMISE Unknown ?1 redirect (indicator-compromise.rules)
 * 1:3079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ANI file parsing buffer overflow attempt (browser-ie.rules)
 * 1:8360 <-> DISABLED <-> PUA-ADWARE Hijacker yok supersearch outbound connection - search info collect (pua-adware.rules)
 * 1:8403 <-> DISABLED <-> BROWSER-PLUGINS XML Schema Cache 6.0 ActiveX clsid access (browser-plugins.rules)
 * 1:26647 <-> DISABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:7829 <-> DISABLED <-> PUA-ADWARE Adware gator user-agent detected (pua-adware.rules)
 * 1:4231 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer SysTray ActiveX object access (browser-plugins.rules)
 * 1:27532 <-> DISABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (server-mail.rules)
 * 1:26701 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:5999 <-> DISABLED <-> PUA-P2P Skype client login (pua-p2p.rules)
 * 1:7027 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:6389 <-> DISABLED <-> PUA-ADWARE Adware esyndicate runtime detection - postinstall request (pua-adware.rules)
 * 1:26597 <-> DISABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:7565 <-> DISABLED <-> PUA-ADWARE Hijacker adshooter.searchforit outbound connection - search engine (pua-adware.rules)
 * 1:8422 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX clsid access (browser-plugins.rules)
 * 1:7924 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Shadow ActiveX clsid access (browser-plugins.rules)
 * 1:26943 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Post_Show RAT beacon (malware-cnc.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:8041 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:5973 <-> DISABLED <-> PUA-ADWARE hijacker smart finder detection - search engines hijack (pua-adware.rules)
 * 1:6684 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX clsid access (browser-plugins.rules)
 * 1:7533 <-> DISABLED <-> PUA-ADWARE Adware piolet runtime detection - ads request (pua-adware.rules)
 * 1:4206 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MPEG-4 Video Decompressor Property Page ActiveX object access (browser-plugins.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:8717 <-> DISABLED <-> BROWSER-PLUGINS VsaIDE.DTE ActiveX clsid access (browser-plugins.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:5749 <-> DISABLED <-> PUA-TOOLBARS Trackware alexa runtime detection (pua-toolbars.rules)
 * 1:7125 <-> DISABLED <-> PUA-ADWARE Hijacker traffbest biz outbound connection - adv (pua-adware.rules)
 * 1:5796 <-> DISABLED <-> PUA-ADWARE Adware keenvalue runtime detection (pua-adware.rules)
 * 1:9670 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX function call access (browser-plugins.rules)
 * 1:27006 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules)
 * 1:7527 <-> DISABLED <-> PUA-TOOLBARS Trackware hotblox toolbar runtime detection - toolbar find function (pua-toolbars.rules)
 * 1:26387 <-> DISABLED <-> OS-MOBILE Android Stels initial server contact (os-mobile.rules)
 * 1:6372 <-> DISABLED <-> PUA-ADWARE Trickler spyblocs eblocs detection - get wsliveup.dat (pua-adware.rules)
 * 1:7590 <-> DISABLED <-> PUA-TOOLBARS Hijacker swbar runtime detection (pua-toolbars.rules)
 * 1:6509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri href buffer overflow attempt (browser-ie.rules)
 * 1:28211 <-> ENABLED <-> MALWARE-CNC Win.Worm.IRCbot outbound communication (malware-cnc.rules)
 * 1:8750 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6223 <-> DISABLED <-> PUA-ADWARE Adware delfin media viewer runtime detection - retrieve schedule (pua-adware.rules)
 * 1:26565 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:27667 <-> DISABLED <-> SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (server-webapp.rules)
 * 1:8780 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:26513 <-> DISABLED <-> FILE-PDF PDF with large embedded JavaScript - JS string attempt (file-pdf.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:7136 <-> DISABLED <-> PUA-ADWARE Hijacker dsrch outbound connection - search assistant redirect (pua-adware.rules)
 * 1:4220 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Network and Dial-Up Connections ActiveX object access (browser-plugins.rules)
 * 1:7522 <-> DISABLED <-> PUA-TOOLBARS Trackware earthlink toolbar runtime detection - search toolbar request 2 (pua-toolbars.rules)
 * 1:4201 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Queued Components Recorder ActiveX object access (browser-plugins.rules)
 * 1:6193 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - pop up ads (pua-adware.rules)
 * 1:28044 <-> ENABLED <-> MALWARE-CNC Win.Trojan.CryptoLocker variant connection (malware-cnc.rules)
 * 1:28043 <-> DISABLED <-> OS-MOBILE Android WebKit Java reflection command execution attempt (os-mobile.rules)
 * 1:460 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 2 (protocol-icmp.rules)
 * 1:28129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:27195 <-> DISABLED <-> SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (server-other.rules)
 * 1:26453 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (file-office.rules)
 * 1:6269 <-> DISABLED <-> PUA-ADWARE Hijacker gigatech superbar outbound connection - track event (pua-adware.rules)
 * 1:27569 <-> DISABLED <-> FILE-IMAGE JPEG parser multipacket heap overflow attempt (file-image.rules)
 * 1:27708 <-> ENABLED <-> MALWARE-CNC Win.Ransomware.Urausy outbound connection (malware-cnc.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:4245 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW overflow attempt (os-windows.rules)
 * 1:8047 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WaveIn Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:6224 <-> DISABLED <-> PUA-ADWARE Hijacker ieplugin outbound connection - search (pua-adware.rules)
 * 1:7946 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.MaskFilter ActiveX clsid access (browser-plugins.rules)
 * 1:26570 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer null object access attempt (browser-ie.rules)
 * 1:8825 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6271 <-> DISABLED <-> PUA-ADWARE Trickler bundleware runtime detection (pua-adware.rules)
 * 1:8049 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX function call access (browser-plugins.rules)
 * 1:6194 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - config upload (pua-adware.rules)
 * 1:7013 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.ISCatAdm ActiveX function call access (browser-plugins.rules)
 * 1:6682 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (browser-plugins.rules)
 * 1:5847 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - p2p client home (pua-adware.rules)
 * 1:7502 <-> DISABLED <-> BROWSER-PLUGINS tsuserex.ADsTSUserEx.1 ActiveX clsid access (browser-plugins.rules)
 * 1:6392 <-> DISABLED <-> PUA-ADWARE Hijacker zeropopup outbound connection (pua-adware.rules)
 * 1:4203 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Marquee Control ActiveX object access (browser-plugins.rules)
 * 1:5693 <-> DISABLED <-> PUA-P2P Skype client start up get latest version attempt (pua-p2p.rules)
 * 1:7516 <-> DISABLED <-> PUA-TOOLBARS Trickler hmtoolbar runtime detection (pua-toolbars.rules)
 * 1:3133 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image height download attempt (file-image.rules)
 * 1:27642 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downbot variant connection (malware-cnc.rules)
 * 1:27224 <-> ENABLED <-> SERVER-OTHER Adobe ColdFusion websocket invoke method access (server-other.rules)
 * 1:26596 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript fromCharCode xor decryption routine detected (indicator-obfuscation.rules)
 * 1:27721 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .su dns query (indicator-compromise.rules)
 * 1:28190 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cc dns query (indicator-compromise.rules)
 * 1:27728 <-> ENABLED <-> MALWARE-CNC Orbit Downloader denial of service update (malware-cnc.rules)
 * 1:27869 <-> ENABLED <-> BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (browser-plugins.rules)
 * 1:5712 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player invalid data offset bitmap heap overflow attempt (file-image.rules)
 * 1:27163 <-> DISABLED <-> SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (server-webapp.rules)
 * 1:6192 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - reporting keyword (pua-adware.rules)
 * 1:26550 <-> DISABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:3020 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode oversized Security Descriptor attempt (netbios.rules)
 * 1:26502 <-> ENABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:27211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:8741 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:5753 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - topsearches (pua-adware.rules)
 * 1:3814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javaprxy.dll COM access (browser-ie.rules)
 * 1:5987 <-> DISABLED <-> PUA-TOOLBARS Hijacker wishbone runtime detection (pua-toolbars.rules)
 * 1:7153 <-> DISABLED <-> PUA-ADWARE Hijacker cnsmin 3721 outbound connection - hijacking (pua-adware.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:27828 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (server-webapp.rules)
 * 1:8719 <-> DISABLED <-> BROWSER-PLUGINS VisualStudio.DTE.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:27064 <-> DISABLED <-> OS-MOBILE Android Spy2Mobile device information leakage (os-mobile.rules)
 * 1:6361 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - status report (pua-adware.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:6358 <-> DISABLED <-> PUA-ADWARE Hijacker need2find search query detection (pua-adware.rules)
 * 1:9427 <-> DISABLED <-> BROWSER-PLUGINS Acer LunchApp.APlunch ActiveX clsid access (browser-plugins.rules)
 * 1:8420 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX function call access (browser-plugins.rules)
 * 1:28147 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Conficker variant connection (malware-cnc.rules)
 * 1:28203 <-> ENABLED <-> FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (file-other.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:6381 <-> DISABLED <-> PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - search in toolbar (pua-toolbars.rules)
 * 1:27213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:8051 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access (browser-plugins.rules)
 * 1:26426 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:27539 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:6516 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX function call access (browser-plugins.rules)
 * 1:5920 <-> DISABLED <-> PUA-ADWARE Hijacker painter outbound connection - redirect yahoo search through online-casino-searcher (pua-adware.rules)
 * 1:4214 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer TipGW Init ActiveX object access (browser-plugins.rules)
 * 1:26833 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:7830 <-> DISABLED <-> PUA-ADWARE Botnet dacryptic outbound connection (pua-adware.rules)
 * 1:27939 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Galock variant connection (malware-cnc.rules)
 * 1:5827 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - get gateway (pua-adware.rules)
 * 1:7202 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:5775 <-> DISABLED <-> PUA-ADWARE Hijacker freescratch outbound connection - scratch card (pua-adware.rules)
 * 1:9430 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie link file URI security bypass attempt (file-multimedia.rules)
 * 1:27635 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:3459 <-> DISABLED <-> PUA-P2P Manolito Search Query (pua-p2p.rules)
 * 1:8029 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MidiOut Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:26665 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:8053 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.PathControl ActiveX clsid access (browser-plugins.rules)
 * 1:7851 <-> DISABLED <-> PUA-ADWARE Trickler maxsearch outbound connection - ack (pua-adware.rules)
 * 1:7550 <-> DISABLED <-> PUA-ADWARE Adware adroar runtime detection (pua-adware.rules)
 * 1:7188 <-> DISABLED <-> PUA-ADWARE Hijacker shop at home select - merchant redirect in progress (pua-adware.rules)
 * 1:4187 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (browser-plugins.rules)
 * 1:26900 <-> ENABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager exploit attempt (browser-plugins.rules)
 * 1:9646 <-> DISABLED <-> PUA-TOOLBARS Hijacker sogou runtime detection - search through sogou toolbar (pua-toolbars.rules)
 * 1:27822 <-> DISABLED <-> FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (file-other.rules)
 * 1:5966 <-> DISABLED <-> PUA-ADWARE trackware searchinweb detection - search request (pua-adware.rules)
 * 1:557 <-> DISABLED <-> PUA-P2P GNUTella client request (pua-p2p.rules)
 * 1:27754 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules)
 * 1:28086 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SmsSpy APK file download attempt (os-mobile.rules)
 * 1:26521 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:6489 <-> DISABLED <-> PUA-ADWARE Hijacker analyze IE outbound connection - default page hijacker (pua-adware.rules)
 * 1:5934 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - search request 2 (pua-adware.rules)
 * 1:8759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX clsid access (browser-plugins.rules)
 * 1:26663 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:4192 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HHOpen ActiveX object access (browser-plugins.rules)
 * 1:8788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX function call access (browser-plugins.rules)
 * 1:7904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:5872 <-> DISABLED <-> PUA-ADWARE Snoopware hyperlinker outbound connection (pua-adware.rules)
 * 1:5951 <-> DISABLED <-> PUA-TOOLBARS Trackware iggsey toolbar detection - search request (pua-toolbars.rules)
 * 1:5915 <-> DISABLED <-> PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - autosearch hijack (pua-toolbars.rules)
 * 1:7041 <-> DISABLED <-> OS-WINDOWS SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:5905 <-> DISABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - games center request (pua-adware.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:6356 <-> DISABLED <-> PUA-ADWARE Trickler wsearch outbound connection - desktop search (pua-adware.rules)
 * 1:4218 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Microsoft Windows Visual Basic WebClass ActiveX object access (browser-plugins.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:26666 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ANIMATECOLOR SMIL access attempt (browser-ie.rules)
 * 1:27640 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chekafe variant connection (malware-cnc.rules)
 * 1:27124 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (server-other.rules)
 * 1:26689 <-> DISABLED <-> OS-MOBILE Android Denofow phone information exfiltration (os-mobile.rules)
 * 1:8043 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid access (browser-plugins.rules)
 * 1:27525 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules)
 * 1:27806 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Retruse variant connection (malware-cnc.rules)
 * 1:28143 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Medfos outbound communication (malware-cnc.rules)
 * 1:27159 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pesut variant outbound connection (malware-cnc.rules)
 * 1:4184 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Certificate Enrollment ActiveX object access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:6195 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - download .cab (pua-adware.rules)
 * 1:27916 <-> DISABLED <-> PUA-TOOLBARS Vittalia adware outbound connection - Eazel toolbar install (pua-toolbars.rules)
 * 1:5788 <-> DISABLED <-> PUA-TOOLBARS Adware hithopper runtime detection - click toolbar buttons (pua-toolbars.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:4176 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Chart ActiveX object access (browser-plugins.rules)
 * 1:7192 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (pua-adware.rules)
 * 1:27864 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sinowal variant connection (malware-cnc.rules)
 * 1:8371 <-> DISABLED <-> BROWSER-PLUGINS Outlook.Application ActiveX clsid access (browser-plugins.rules)
 * 1:7530 <-> DISABLED <-> PUA-ADWARE Trickler mediaseek.pl client outbound connection - trickler (pua-adware.rules)
 * 1:28057 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.FakeAV APK file download attempt (os-mobile.rules)
 * 1:28095 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Liteol variant connection (malware-cnc.rules)
 * 1:7529 <-> DISABLED <-> PUA-ADWARE Snoopware halflife jacker outbound connection (pua-adware.rules)
 * 1:27266 <-> ENABLED <-> FILE-FLASH Adobe SWF heap buffer overflow attempt (file-flash.rules)
 * 1:28105 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload outbound connection (malware-cnc.rules)
 * 1:6484 <-> DISABLED <-> PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - search (pua-toolbars.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:7567 <-> DISABLED <-> PUA-TOOLBARS Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection (pua-toolbars.rules)
 * 1:28134 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant connection (malware-cnc.rules)
 * 1:5846 <-> DISABLED <-> PUA-ADWARE Trickler VX2/DLmax/BestOffers/Aurora outbound connection (pua-adware.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:28201 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint XSS attempt (server-other.rules)
 * 1:5923 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - side search request (pua-adware.rules)
 * 1:9434 <-> DISABLED <-> FILE-OTHER Ultravox-Max-Msg header integer overflow attempt (file-other.rules)
 * 1:654 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:4159 <-> DISABLED <-> BROWSER-PLUGINS Multimedia File Property Sheet ActiveX object access (browser-plugins.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:26926 <-> DISABLED <-> FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (file-other.rules)
 * 1:27276 <-> DISABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules)
 * 1:5889 <-> DISABLED <-> PUA-ADWARE Hijacker shopnav outbound connection - collect information (pua-adware.rules)
 * 1:27677 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28107 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload download (malware-cnc.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:5745 <-> DISABLED <-> PUA-ADWARE Hijacker adultlinks outbound connection - redirect (pua-adware.rules)
 * 1:26906 <-> DISABLED <-> SERVER-OTHER Foswiki/Twiki MAKETEXT command execution attempt (server-other.rules)
 * 1:5844 <-> DISABLED <-> PUA-ADWARE Hijacker surfsidekick outbound connection - post request (pua-adware.rules)
 * 1:26454 <-> DISABLED <-> SERVER-OTHER UltraVNC Listening mode stack buffer overflow attempt (server-other.rules)
 * 1:5801 <-> DISABLED <-> PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (pua-toolbars.rules)
 * 1:26983 <-> ENABLED <-> FILE-FLASH Adobe SWF remote memory corruption attempt (file-flash.rules)
 * 1:27670 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.evf variant connection (malware-cnc.rules)
 * 1:26572 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer null object access attempt (browser-ie.rules)
 * 1:27162 <-> DISABLED <-> SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (server-webapp.rules)
 * 1:7603 <-> DISABLED <-> PUA-ADWARE Snoopware big brother v3.5.1 outbound connection - connect to receiver (pua-adware.rules)
 * 1:26379 <-> DISABLED <-> SERVER-OTHER Squid proxy Accept-Language denial of service attempt (server-other.rules)
 * 1:6284 <-> DISABLED <-> PUA-ADWARE Hijacker websearch outbound connection - webstat (pua-adware.rules)
 * 1:5965 <-> DISABLED <-> PUA-TOOLBARS Hijacker searchfast detection - get toolbar cfg (pua-toolbars.rules)
 * 1:5932 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - stats track (pua-adware.rules)
 * 1:9673 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX function call access (browser-plugins.rules)
 * 1:5964 <-> DISABLED <-> PUA-TOOLBARS Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (pua-toolbars.rules)
 * 1:28156 <-> DISABLED <-> PUA-ADWARE Linkury outbound time check (pua-adware.rules)
 * 1:5991 <-> DISABLED <-> PUA-ADWARE Hijacker getmirar outbound connection - search request (pua-adware.rules)
 * 1:26587 <-> DISABLED <-> FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (file-java.rules)
 * 1:6218 <-> DISABLED <-> PUA-ADWARE Adware aornum/iwon copilot runtime detection - ads (pua-adware.rules)
 * 1:6003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Route ActiveX object access (browser-plugins.rules)
 * 1:5485 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:4202 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectAnimation ActiveX object access (browser-plugins.rules)
 * 1:3680 <-> DISABLED <-> PUA-P2P AOL Instant Messenger file send attempt (pua-p2p.rules)
 * 1:27020 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:8824 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX function call access (browser-plugins.rules)
 * 1:4221 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ProxyStub Dispatch ActiveX object access (browser-plugins.rules)
 * 1:7912 <-> DISABLED <-> BROWSER-PLUGINS DX3DTransform.Microsoft.Shapes ActiveX clsid access (browser-plugins.rules)
 * 1:8058 <-> DISABLED <-> BROWSER-FIREFOX Mozilla javascript navigator object access (browser-firefox.rules)
 * 1:4234 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSVTDGridCtrl7 ActiveX object access (browser-plugins.rules)
 * 1:27269 <-> DISABLED <-> SERVER-OTHER GuildFTPd CWD command heap overflow attempt (server-other.rules)
 * 1:26939 <-> DISABLED <-> OS-MOBILE Android Tetus device information leakage variant (os-mobile.rules)
 * 1:8785 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX function call access (browser-plugins.rules)
 * 1:26929 <-> DISABLED <-> SERVER-WEBAPP SAP ConfigServlet command execution attempt (server-webapp.rules)
 * 1:26942 <-> ENABLED <-> MALWARE-CNC Win.Trojan.PipCreat RAT beacon (malware-cnc.rules)
 * 1:5893 <-> DISABLED <-> PUA-TOOLBARS Trackware wordiq toolbar runtime detection - search keyword (pua-toolbars.rules)
 * 1:27804 <-> ENABLED <-> MALWARE-CNC Win.Trojan.PRISM outbound connection (malware-cnc.rules)
 * 1:26761 <-> DISABLED <-> OS-MOBILE Android Fakeinst device information leakage (os-mobile.rules)
 * 1:5942 <-> DISABLED <-> PUA-TOOLBARS Trackware supreme toolbar runtime detection - pass information to its controlling server (pua-toolbars.rules)
 * 1:28210 <-> ENABLED <-> MALWARE-CNC Win.Worm.IRCbot outbound communication (malware-cnc.rules)
 * 1:8072 <-> DISABLED <-> PUA-ADWARE Hijacker findthewebsiteyouneed outbound connection - surf monitor (pua-adware.rules)
 * 1:27860 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (os-windows.rules)
 * 1:5933 <-> DISABLED <-> PUA-ADWARE Hijacker dropspam outbound connection - search request 1 (pua-adware.rules)
 * 1:26898 <-> ENABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager fakedriver exploit attempt (browser-plugins.rules)
 * 1:5948 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - update notifier (pua-adware.rules)
 * 1:26516 <-> DISABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules)
 * 1:6260 <-> DISABLED <-> PUA-ADWARE Adware overpro runtime detection (pua-adware.rules)
 * 1:6488 <-> DISABLED <-> PUA-TOOLBARS Adware searchnugget toolbar runtime detection - redirect mistyped urls (pua-toolbars.rules)
 * 1:9671 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (browser-plugins.rules)
 * 1:4179 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectX Files Viewer ActiveX object access (browser-plugins.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:27037 <-> DISABLED <-> OS-MOBILE Android Vidro / EClips sms send instructions (os-mobile.rules)
 * 1:3028 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt (netbios.rules)
 * 1:7025 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules)
 * 1:7139 <-> DISABLED <-> PUA-ADWARE Other-Technologies clicktrojan outbound connection - fake search query (pua-adware.rules)
 * 1:9644 <-> DISABLED <-> PUA-ADWARE Adware imnames runtime detection (pua-adware.rules)
 * 1:27639 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Epipenwa variant connection (malware-cnc.rules)
 * 1:26489 <-> ENABLED <-> BROWSER-OTHER Novell Messenger Client nim URI handler buffer overflow attempt (browser-other.rules)
 * 1:27112 <-> DISABLED <-> BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX function call access (browser-plugins.rules)
 * 1:26503 <-> ENABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:569 <-> DISABLED <-> PROTOCOL-RPC snmpXdmi overflow attempt TCP (protocol-rpc.rules)
 * 1:6468 <-> DISABLED <-> POLICY-SOCIAL jabber file transfer request (policy-social.rules)
 * 1:7528 <-> DISABLED <-> PUA-TOOLBARS Trackware hotblox toolbar runtime detection - ie autosearch hijack (pua-toolbars.rules)
 * 1:27660 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Reabfrus variant connection (malware-cnc.rules)
 * 1:27747 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banechant outbound variant connection (malware-cnc.rules)
 * 1:27760 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office Control ActiveX function call access (browser-plugins.rules)
 * 1:8774 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:7002 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules)
 * 1:5922 <-> DISABLED <-> PUA-TOOLBARS Trackware fftoolbar toolbar runtime detection - display advertisement news (pua-toolbars.rules)
 * 1:4210 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Msb1geen.dll ActiveX object access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:3398 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:27853 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word invalid number of cells memory corruption attempt (file-office.rules)
 * 1:27870 <-> ENABLED <-> BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (browser-plugins.rules)
 * 1:27867 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper outbound communication (malware-cnc.rules)
 * 1:8834 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27111 <-> DISABLED <-> BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:27663 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (browser-ie.rules)
 * 1:8798 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8710 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT helper components udp denial of service attempt (os-windows.rules)
 * 1:26717 <-> ENABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:4189 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Third-Party Plugin ActiveX object access (browser-plugins.rules)
 * 1:4246 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW overflow attempt (os-windows.rules)
 * 1:5868 <-> DISABLED <-> PUA-ADWARE Hijacker couponbar outbound connection - view coupon offers (pua-adware.rules)
 * 1:26990 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:6261 <-> DISABLED <-> PUA-TOOLBARS Trickler slinkyslate toolbar runtime detection (pua-toolbars.rules)
 * 1:4148 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer  DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:3036 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt (netbios.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:27682 <-> DISABLED <-> SERVER-WEBAPP ASPMForum SQL injection attempt (server-webapp.rules)
 * 1:8735 <-> DISABLED <-> BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:4183 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows HTML Help ActiveX object access (browser-plugins.rules)
 * 1:27019 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:5863 <-> DISABLED <-> PUA-ADWARE Hijacker isearch outbound connection - search hijack 2 (pua-adware.rules)
 * 1:27576 <-> ENABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules)
 * 1:4233 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Query Designer v7.0 ActiveX object access (browser-plugins.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:27802 <-> ENABLED <-> MALWARE-CNC Win.Trojan.PRISM outbound connection (malware-cnc.rules)
 * 1:5744 <-> DISABLED <-> PUA-ADWARE Hijacker actualnames outbound connection - online.php request (pua-adware.rules)
 * 1:8807 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7124 <-> DISABLED <-> PUA-ADWARE Other-Technologies alfacleaner outbound connection - buy (pua-adware.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:8411 <-> DISABLED <-> BROWSER-PLUGINS DocFind Command ActiveX clsid access (browser-plugins.rules)
 * 1:6187 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - scripts (pua-adware.rules)
 * 1:26977 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:5836 <-> DISABLED <-> PUA-ADWARE Trickler nictech.bm2 outbound connection (pua-adware.rules)
 * 1:26625 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosure attempt (browser-ie.rules)
 * 1:5904 <-> DISABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - download files (pua-adware.rules)
 * 1:5795 <-> DISABLED <-> PUA-ADWARE Adware ist powerscan runtime detection (pua-adware.rules)
 * 1:27863 <-> DISABLED <-> SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (server-webapp.rules)
 * 1:26687 <-> ENABLED <-> FILE-FLASH Adobe SWF malformed HTML text null dereference attempt (file-flash.rules)
 * 1:3037 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx DACL overflow attempt (netbios.rules)
 * 1:461 <-> DISABLED <-> PROTOCOL-ICMP unassigned type 2 undefined code (protocol-icmp.rules)
 * 1:7593 <-> DISABLED <-> PUA-TOOLBARS Trackware trellian toolbarbrowser runtime detection (pua-toolbars.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:4169 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Active Setup ActiveX object access (browser-plugins.rules)
 * 1:28098 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (server-other.rules)
 * 1:27678 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Goolelo variant connection (malware-cnc.rules)
 * 1:27654 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Agent outbound connection (malware-cnc.rules)
 * 1:27915 <-> DISABLED <-> PUA-ADWARE Vittalia adware outbound connection - pre install (pua-adware.rules)
 * 1:27810 <-> ENABLED <-> EXPLOIT-KIT Fiesta exploit kit redirection (exploit-kit.rules)
 * 1:7599 <-> DISABLED <-> PUA-TOOLBARS Snoopware 2-seek runtime detection - user info collection (pua-toolbars.rules)
 * 1:6239 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - collect info request 2 (pua-adware.rules)
 * 1:8056 <-> DISABLED <-> SERVER-OTHER ISC DHCP server 2 client_id length denial of service attempt (server-other.rules)
 * 1:26548 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules)
 * 1:27236 <-> DISABLED <-> SERVER-OTHER Citrix XenApp password buffer overflow attempt (server-other.rules)
 * 1:28096 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spynet variant connection (malware-cnc.rules)
 * 1:7948 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Common Browser Architecture ActiveX clsid access (browser-plugins.rules)
 * 1:7916 <-> DISABLED <-> BROWSER-PLUGINS CLSID_IMimeInternational ActiveX clsid access (browser-plugins.rules)
 * 1:26624 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosure attempt (browser-ie.rules)
 * 1:26439 <-> DISABLED <-> FILE-JAVA Oracle Java known malicious jar file download - specific structure (file-java.rules)
 * 1:6371 <-> DISABLED <-> PUA-ADWARE Adware flashtrack media/spoton runtime detection - pop up ads (pua-adware.rules)
 * 1:26419 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:8743 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:6343 <-> DISABLED <-> PUA-ADWARE Adware targetsaver runtime detection (pua-adware.rules)
 * 1:26899 <-> ENABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager fakedriver exploit attempt (browser-plugins.rules)
 * 1:8843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27102 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:9769 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:7011 <-> DISABLED <-> BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (browser-plugins.rules)
 * 1:26505 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:6279 <-> DISABLED <-> PUA-ADWARE Hijacker sidefind outbound connection (pua-adware.rules)
 * 1:26524 <-> DISABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:8021 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ISSimpleCommandCreator.1 ActiveX clsid access (browser-plugins.rules)
 * 1:27188 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:28126 <-> DISABLED <-> BROWSER-PLUGINS WibuKey Runtime ActiveX clsid access (browser-plugins.rules)
 * 1:8545 <-> DISABLED <-> PUA-ADWARE Adware roogoo runtime detection - surfing monitor (pua-adware.rules)
 * 1:5906 <-> DISABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - update (pua-adware.rules)
 * 1:26646 <-> DISABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:7204 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel object ftCmo overflow attempt (file-office.rules)
 * 1:26432 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:6368 <-> DISABLED <-> PUA-ADWARE Adware flashtrack media/spoton runtime detection - update request (pua-adware.rules)
 * 1:9645 <-> DISABLED <-> PUA-ADWARE Hijacker sogou outbound connection - keyword hijack (pua-adware.rules)
 * 1:26525 <-> DISABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:27641 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Meilat variant connection (malware-cnc.rules)
 * 1:6242 <-> DISABLED <-> PUA-ADWARE Hijacker coolwebsearch.cameup outbound connection (pua-adware.rules)
 * 1:8752 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX function call access (browser-plugins.rules)
 * 1:26468 <-> DISABLED <-> SERVER-ORACLE Oracle WebCenter FatWire Satellite Server header injection on blobheadername2 attempt (server-oracle.rules)
 * 1:7827 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - search request 1 (pua-adware.rules)
 * 1:9429 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie link scripting security bypass attempt (file-multimedia.rules)
 * 1:7579 <-> DISABLED <-> PUA-TOOLBARS Hijacker starware toolbar runtime detection - smileys (pua-toolbars.rules)
 * 1:7140 <-> DISABLED <-> PUA-ADWARE Adware pay-per-click runtime detection - configuration (pua-adware.rules)
 * 1:27223 <-> ENABLED <-> BROWSER-PLUGINS Oracle document capture Actbar2.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:8352 <-> DISABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - ads popup (pua-adware.rules)
 * 1:26700 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:6204 <-> DISABLED <-> PUA-ADWARE Trickler farmmext outbound connection - track activity (pua-adware.rules)
 * 1:7908 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Chroma ActiveX clsid access (browser-plugins.rules)
 * 1:27096 <-> DISABLED <-> FILE-OTHER XML exponential entity expansion attack attempt (file-other.rules)
 * 1:9433 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:26514 <-> DISABLED <-> FILE-IDENTIFY maplet file download attempt (file-identify.rules)
 * 1:5765 <-> DISABLED <-> PUA-TOOLBARS Hijacker begin2search runtime detection - ico query (pua-toolbars.rules)
 * 1:26568 <-> DISABLED <-> INDICATOR-OBFUSCATION eval of base64-encoded data (indicator-obfuscation.rules)
 * 1:7849 <-> DISABLED <-> PUA-TOOLBARS Trickler maxsearch runtime detection - toolbar download (pua-toolbars.rules)
 * 1:26909 <-> DISABLED <-> FILE-IMAGE Microsoft Windows WMF FILE-IMAGE attempt (file-image.rules)
 * 1:27871 <-> ENABLED <-> BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (browser-plugins.rules)
 * 1:27666 <-> DISABLED <-> SERVER-OTHER ISC BIND 9 DNS rdata length handling remote denial of service attempt (server-other.rules)
 * 1:3397 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:3158 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:27027 <-> DISABLED <-> POLICY-OTHER PHP tag injection in http header attempt (policy-other.rules)
 * 1:27528 <-> ENABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules)
 * 1:6487 <-> DISABLED <-> PUA-TOOLBARS Adware searchnugget toolbar runtime detection - check updates (pua-toolbars.rules)
 * 1:5928 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - ads request (pua-adware.rules)
 * 1:7882 <-> DISABLED <-> BROWSER-PLUGINS AccSync.AccSubNotHandler ActiveX clsid access (browser-plugins.rules)
 * 1:9820 <-> DISABLED <-> BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (browser-plugins.rules)
 * 1:9821 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX clsid access (browser-plugins.rules)
 * 1:9823 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime RTSP URI overflow attempt (file-multimedia.rules)
 * 1:9824 <-> DISABLED <-> BROWSER-PLUGINS Rediff Bol Downloader ActiveX clsid access (browser-plugins.rules)
 * 1:9826 <-> DISABLED <-> BROWSER-PLUGINS Rediff Bol Downloader ActiveX function call access (browser-plugins.rules)
 * 1:9831 <-> DISABLED <-> PUA-ADWARE Adware u88 runtime detection (pua-adware.rules)
 * 1:9840 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime HREF Track Detected (file-multimedia.rules)
 * 1:9843 <-> DISABLED <-> FILE-PDF Adobe Acrobat Plugin JavaScript parameter double free attempt (file-pdf.rules)
 * 1:9844 <-> DISABLED <-> FILE-MULTIMEDIA VLC Media Player udp URI format string attempt (file-multimedia.rules)
 * 1:9847 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook Saved Search download attempt (file-office.rules)
 * 1:9848 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)
 * 1:9849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter buffer overflow attempt (os-windows.rules)
 * 1:1001 <-> DISABLED <-> SERVER-WEBAPP carbo.dll access (server-webapp.rules)
 * 1:10011 <-> DISABLED <-> SERVER-MAIL Novell NetMail APPEND command buffer overflow attempt (server-mail.rules)
 * 1:10013 <-> DISABLED <-> BROWSER-PLUGINS CCRP FolderTreeView ActiveX clsid access (browser-plugins.rules)
 * 1:10015 <-> DISABLED <-> BROWSER-PLUGINS Oracle ORADC ActiveX clsid access (browser-plugins.rules)
 * 1:10017 <-> DISABLED <-> BROWSER-PLUGINS Oracle ORADC ActiveX function call access (browser-plugins.rules)
 * 1:10018 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ReserveGroup attempt (netbios.rules)
 * 1:1002 <-> DISABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:10050 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10064 <-> DISABLED <-> SERVER-OTHER Peercast URL Parameter overflow attempt (server-other.rules)
 * 1:10084 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access (browser-plugins.rules)
 * 1:10086 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX function call access (browser-plugins.rules)
 * 1:10090 <-> DISABLED <-> PUA-ADWARE Trickler zango easymessenger outbound connection (pua-adware.rules)
 * 1:10093 <-> DISABLED <-> PUA-TOOLBARS Hijacker kuaiso toolbar runtime detection (pua-toolbars.rules)
 * 1:10094 <-> DISABLED <-> PUA-ADWARE Adware borlan runtime detection (pua-adware.rules)
 * 1:10115 <-> DISABLED <-> FILE-IMAGE Microsoft Windows WMF FILE-IMAGE attempt (file-image.rules)
 * 1:10116 <-> DISABLED <-> POLICY-SOCIAL AIM GoChat URL access attempt (policy-social.rules)
 * 1:10123 <-> DISABLED <-> PROTOCOL-VOIP PA168 chipset based IP phone default password attempt (protocol-voip.rules)
 * 1:10128 <-> DISABLED <-> BROWSER-PLUGINS Aliplay ActiveX clsid access (browser-plugins.rules)
 * 1:10131 <-> DISABLED <-> BROWSER-FIREFOX Mozilla compareTo arbitrary code execution attempt (browser-firefox.rules)
 * 1:10134 <-> DISABLED <-> SERVER-OTHER CA Brightstor discovery service buffer overflow attempt (server-other.rules)
 * 1:10135 <-> DISABLED <-> SERVER-OTHER Squid proxy FTP denial of service attempt (server-other.rules)
 * 1:10137 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor ActiveX clsid access (browser-plugins.rules)
 * 1:10139 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor ActiveX function call access (browser-plugins.rules)
 * 1:10140 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 2 ActiveX clsid access (browser-plugins.rules)
 * 1:10142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX clsid access (browser-plugins.rules)
 * 1:10144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX function call access (browser-plugins.rules)
 * 1:10145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX clsid access (browser-plugins.rules)
 * 1:10147 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX function call access (browser-plugins.rules)
 * 1:10148 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX clsid access (browser-plugins.rules)
 * 1:10150 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX function call access (browser-plugins.rules)
 * 1:10151 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX clsid access (browser-plugins.rules)
 * 1:10153 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX function call access (browser-plugins.rules)
 * 1:10154 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy 2 ActiveX clsid access (browser-plugins.rules)
 * 1:10156 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX clsid access (browser-plugins.rules)
 * 1:10162 <-> DISABLED <-> BROWSER-PLUGINS BrowseDialog ActiveX clsid access (browser-plugins.rules)
 * 1:10164 <-> DISABLED <-> PUA-ADWARE Adware adclicker-ej runtime detection (pua-adware.rules)
 * 1:10170 <-> DISABLED <-> BROWSER-PLUGINS Verisign ConfigCHK ActiveX clsid access (browser-plugins.rules)
 * 1:10173 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro OfficeScan Client ActiveX clsid access (browser-plugins.rules)
 * 1:10175 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro OfficeScan Client ActiveX function call access (browser-plugins.rules)
 * 1:10176 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX clsid access (browser-plugins.rules)
 * 1:10178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX function call access (browser-plugins.rules)
 * 1:10180 <-> DISABLED <-> PUA-TOOLBARS Adware eqiso runtime detection (pua-toolbars.rules)
 * 1:10182 <-> DISABLED <-> PUA-ADWARE Adware newweb runtime detection (pua-adware.rules)
 * 1:10187 <-> DISABLED <-> SERVER-OTHER HP Mercury Loadrunner command line buffer overflow (server-other.rules)
 * 1:10189 <-> DISABLED <-> BROWSER-PLUGINS DivXBrowserPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:10191 <-> DISABLED <-> BROWSER-PLUGINS DivXBrowserPlugin ActiveX function call access (browser-plugins.rules)
 * 1:10214 <-> DISABLED <-> BROWSER-PLUGINS Shockwave ActiveX Control ActiveX clsid access (browser-plugins.rules)
 * 1:10216 <-> DISABLED <-> BROWSER-PLUGINS Shockwave ActiveX Control ActiveX function call access (browser-plugins.rules)
 * 1:10387 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX clsid access attempt (browser-plugins.rules)
 * 1:10389 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX function call access attempt (browser-plugins.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10404 <-> DISABLED <-> BROWSER-PLUGINS SignKorea SKCommAX ActiveX clsid access (browser-plugins.rules)
 * 1:10406 <-> DISABLED <-> BROWSER-PLUGINS SignKorea SKCommAX ActiveX function call access (browser-plugins.rules)
 * 1:10407 <-> DISABLED <-> SERVER-OTHER Helix Server LoadTestPassword buffer overflow attempt (server-other.rules)
 * 1:10412 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:10414 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader Alt CLSID ActiveX function call access (browser-plugins.rules)
 * 1:10415 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:10417 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX function call access (browser-plugins.rules)
 * 1:10419 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ProgColor ActiveX clsid access (browser-plugins.rules)
 * 1:10421 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX function call access (browser-plugins.rules)
 * 1:10423 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX clsid access (browser-plugins.rules)
 * 1:10425 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX function call access (browser-plugins.rules)
 * 1:10427 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX clsid access (browser-plugins.rules)
 * 1:10429 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX function call access (browser-plugins.rules)
 * 1:10431 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX clsid access (browser-plugins.rules)
 * 1:10433 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX function call access (browser-plugins.rules)
 * 1:10437 <-> DISABLED <-> PUA-ADWARE Hijacker bazookabar outbound connection (pua-adware.rules)
 * 1:10439 <-> DISABLED <-> PUA-ADWARE Adware mokead runtime detection (pua-adware.rules)
 * 1:10466 <-> DISABLED <-> BROWSER-PLUGINS iPIX Image Well ActiveX clsid access (browser-plugins.rules)
 * 1:10470 <-> DISABLED <-> BROWSER-PLUGINS iPIX Media Send Class ActiveX clsid access (browser-plugins.rules)
 * 1:10472 <-> DISABLED <-> BROWSER-PLUGINS iPIX Media Send Class ActiveX function call access (browser-plugins.rules)
 * 1:10475 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (os-windows.rules)
 * 1:10476 <-> DISABLED <-> BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX clsid access (browser-plugins.rules)
 * 1:10478 <-> DISABLED <-> BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX function call access (browser-plugins.rules)
 * 1:10978 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX clsid access (browser-plugins.rules)
 * 1:10980 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX function call access (browser-plugins.rules)
 * 1:10982 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX clsid access (browser-plugins.rules)
 * 1:10984 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX function call access (browser-plugins.rules)
 * 1:10986 <-> DISABLED <-> BROWSER-PLUGINS GraceNote CDDB ActiveX clsid access (browser-plugins.rules)
 * 1:10988 <-> DISABLED <-> BROWSER-PLUGINS GraceNote CDDB ActiveX function call access (browser-plugins.rules)
 * 1:10991 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX clsid access (browser-plugins.rules)
 * 1:10993 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX function call access (browser-plugins.rules)
 * 1:10998 <-> DISABLED <-> SERVER-OTHER Novell GroupWise WebAccess authentication overflow (server-other.rules)
 * 1:11004 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow (protocol-imap.rules)
 * 1:11176 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11180 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie ftyp buffer underflow (file-multimedia.rules)
 * 1:11181 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11183 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11185 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos via username attempt (server-other.rules)
 * 1:11186 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos (password -- server-other.rules)
 * 1:11187 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11189 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11197 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX function call access (browser-plugins.rules)
 * 1:11204 <-> DISABLED <-> SERVER-ORACLE Oracle Database DBMS_AQADM_SYS package GRANT_TYPE_ACCESS procedure SQL injection attempt (server-oracle.rules)
 * 1:11206 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX clsid access (browser-plugins.rules)
 * 1:11208 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX function call access (browser-plugins.rules)
 * 1:11210 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX clsid access (browser-plugins.rules)
 * 1:11212 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX function call access (browser-plugins.rules)
 * 1:11214 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:11216 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX function call access (browser-plugins.rules)
 * 1:11218 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX clsid access (browser-plugins.rules)
 * 1:11220 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX function call access (browser-plugins.rules)
 * 1:11224 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX clsid access (browser-plugins.rules)
 * 1:11226 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX function call access (browser-plugins.rules)
 * 1:11228 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX clsid access (browser-plugins.rules)
 * 1:11230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 1 ActiveX clsid access (browser-plugins.rules)
 * 1:11232 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 1 ActiveX function call access (browser-plugins.rules)
 * 1:11234 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 2 ActiveX clsid access (browser-plugins.rules)
 * 1:11236 <-> DISABLED <-> BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX clsid access (browser-plugins.rules)
 * 1:11239 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX clsid access (browser-plugins.rules)
 * 1:11241 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX function call access (browser-plugins.rules)
 * 1:11243 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX clsid access (browser-plugins.rules)
 * 1:11245 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX function call access (browser-plugins.rules)
 * 1:11247 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Research In Motion TeamOn Import ActiveX clsid access (browser-plugins.rules)
 * 1:11250 <-> DISABLED <-> BROWSER-PLUGINS Sony Rootkit Uninstaller ActiveX clsid access (browser-plugins.rules)
 * 1:11252 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Address ActiveX clsid access (browser-plugins.rules)
 * 1:11253 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MciWndx ActiveX clsid access (browser-plugins.rules)
 * 1:11255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MciWndx ActiveX function call access (browser-plugins.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11267 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop PNG file handling stack buffer overflow attempt (file-image.rules)
 * 1:11268 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:11270 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX function call access (browser-plugins.rules)
 * 1:11274 <-> DISABLED <-> BROWSER-PLUGINS RControl ActiveX clsid access (browser-plugins.rules)
 * 1:11276 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX clsid access (browser-plugins.rules)
 * 1:11278 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX function call access (browser-plugins.rules)
 * 1:11280 <-> DISABLED <-> BROWSER-PLUGINS FlexLabel ActiveX clsid access (browser-plugins.rules)
 * 1:11282 <-> DISABLED <-> BROWSER-PLUGINS FlexLabel ActiveX function call access (browser-plugins.rules)
 * 1:11284 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX clsid access (browser-plugins.rules)
 * 1:11286 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX function call access (browser-plugins.rules)
 * 1:11291 <-> DISABLED <-> BROWSER-PLUGINS Hewlett Packard HPQVWOCX.DL ActiveX clsid access (browser-plugins.rules)
 * 1:11293 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX clsid access (browser-plugins.rules)
 * 1:11295 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX function call access (browser-plugins.rules)
 * 1:11297 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX clsid access (browser-plugins.rules)
 * 1:11299 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX function call access (browser-plugins.rules)
 * 1:11301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX clsid access (browser-plugins.rules)
 * 1:11303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX function call access (browser-plugins.rules)
 * 1:11305 <-> DISABLED <-> PUA-ADWARE Snoopware childwebguardian outbound connection - send log through smtp (pua-adware.rules)
 * 1:11306 <-> DISABLED <-> PUA-ADWARE Snoopware childwebguardian outbound connection - udp broadcast (pua-adware.rules)
 * 1:11310 <-> DISABLED <-> PUA-ADWARE Trickler iowa webdownloader - icq notification (pua-adware.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:11680 <-> DISABLED <-> SERVER-WEBAPP Oracle Java web proxy sockd buffer overflow attempt (server-webapp.rules)
 * 1:11686 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV search overflow attempt (os-windows.rules)
 * 1:11822 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid access (browser-plugins.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (browser-ie.rules)
 * 1:11836 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:11970 <-> DISABLED <-> PROTOCOL-VOIP Cisco 7940/7960 INVITE Remote-Party-ID header denial of service attempt (protocol-voip.rules)
 * 1:12010 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX clsid access (browser-plugins.rules)
 * 1:12012 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX function call access (browser-plugins.rules)
 * 1:12031 <-> DISABLED <-> CONTENT-REPLACE MSN deny in-bound file transfer attempts (content-replace.rules)
 * 1:12032 <-> DISABLED <-> CONTENT-REPLACE MSN deny out-bound file transfer attempts (content-replace.rules)
 * 1:12033 <-> DISABLED <-> CONTENT-REPLACE Jabber deny in-bound file transfer attempts (content-replace.rules)
 * 1:12034 <-> DISABLED <-> CONTENT-REPLACE Jabber deny out-bound file transfer attempts (content-replace.rules)
 * 1:12035 <-> DISABLED <-> CONTENT-REPLACE IRC deny in-bound file transfer attempts (content-replace.rules)
 * 1:12036 <-> DISABLED <-> CONTENT-REPLACE IRC deny out-bound file transfer attempts (content-replace.rules)
 * 1:12037 <-> DISABLED <-> CONTENT-REPLACE AIM deny in-bound file transfer attempts (content-replace.rules)
 * 1:12038 <-> DISABLED <-> CONTENT-REPLACE AIM deny out-bound file transfer attempts (content-replace.rules)
 * 1:12039 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger deny in-bound file transfer attempts (content-replace.rules)
 * 1:12040 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger deny out-bound file transfer attempts (content-replace.rules)
 * 1:12041 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger V7 deny in-bound file transfer attempts (content-replace.rules)
 * 1:12042 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger V7 deny out-bound file transfer attempts (content-replace.rules)
 * 1:12069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:12078 <-> DISABLED <-> SERVER-OTHER CA BrightStor LGServer Heap buffer overflow (server-other.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12183 <-> DISABLED <-> FILE-FLASH Adobe FLV long string script data buffer overflow attempt (file-flash.rules)
 * 1:12187 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 tcp rename_principal attempt (protocol-rpc.rules)
 * 1:12188 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 udp rename_principal attempt (protocol-rpc.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12213 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search date command buffer overflow attempt (server-mail.rules)
 * 1:12219 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer SMIL wallclock parsing buffer overflow (file-multimedia.rules)
 * 1:12256 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record (file-office.rules)
 * 1:12269 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12278 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:12279 <-> DISABLED <-> OS-WINDOWS Microsoft XML substringData integer overflow attempt (os-windows.rules)
 * 1:12293 <-> DISABLED <-> PUA-TOOLBARS Hijacker morpheus toolbar runtime detection - get cfg info (pua-toolbars.rules)
 * 1:12307 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetPagerNotifyConfig attempt (netbios.rules)
 * 1:12317 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt (netbios.rules)
 * 1:12326 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _AddTaskExportLogItem attempt (netbios.rules)
 * 1:12332 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
 * 1:12335 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_30010 overflow attempt (netbios.rules)
 * 1:12341 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
 * 1:12347 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetSvcImpersonateUser attempt (netbios.rules)
 * 1:12382 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX clsid access (browser-plugins.rules)
 * 1:1239 <-> DISABLED <-> OS-WINDOWS RFParalyze Attempt (os-windows.rules)
 * 1:12393 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12395 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12397 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12399 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 4 ActiveX clsid access (browser-plugins.rules)
 * 1:12401 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12403 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 6 ActiveX clsid access (browser-plugins.rules)
 * 1:12405 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 7 ActiveX clsid access (browser-plugins.rules)
 * 1:12407 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 8 ActiveX clsid access (browser-plugins.rules)
 * 1:12409 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 9 ActiveX clsid access (browser-plugins.rules)
 * 1:12411 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 10 ActiveX clsid access (browser-plugins.rules)
 * 1:12417 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX clsid access (browser-plugins.rules)
 * 1:12419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX function call access (browser-plugins.rules)
 * 1:12454 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12459 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:12466 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies QRCode ActiveX clsid access (browser-plugins.rules)
 * 1:12472 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX clsid access (browser-plugins.rules)
 * 1:12474 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX function call access (browser-plugins.rules)
 * 1:12489 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrWkstaGetInfo attempt (netbios.rules)
 * 1:12594 <-> DISABLED <-> SERVER-OTHER Oracle TNS Service_CurLoad command (server-other.rules)
 * 1:12597 <-> DISABLED <-> SERVER-OTHER utf8 filename transfer attempt (server-other.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX function call access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access (browser-plugins.rules)
 * 1:12619 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange ical/vcal malformed property (server-mail.rules)
 * 1:12629 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (server-webapp.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12667 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServer malicious fileupload attempt (server-other.rules)
 * 1:12672 <-> DISABLED <-> PUA-TOOLBARS Trackware searchmiracle elitebar runtime detection - get ads (pua-toolbars.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12688 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12691 <-> DISABLED <-> PUA-P2P Outbound Joltid PeerEnabler traffic detected (pua-p2p.rules)
 * 1:12728 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks SMIL wallclock stack overflow attempt (file-multimedia.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12743 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture description metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12744 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC VORBIS string buffer overflow attempt (file-multimedia.rules)
 * 1:12745 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12751 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX clsid access (browser-plugins.rules)
 * 1:12753 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX function call access (browser-plugins.rules)
 * 1:12755 <-> DISABLED <-> BROWSER-PLUGINS PPStream PowerList ActiveX clsid access (browser-plugins.rules)
 * 1:12757 <-> DISABLED <-> FILE-IMAGE Apple QuickTime uncompressed PICT stack overflow attempt (file-image.rules)
 * 1:12762 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX clsid access (browser-plugins.rules)
 * 1:12764 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX function call access (browser-plugins.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12770 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (browser-plugins.rules)
 * 1:12771 <-> DISABLED <-> BROWSER-PLUGINS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12772 <-> DISABLED <-> BROWSER-PLUGINS obfuscated PPStream PowerPlayer ActiveX exploit attempt (browser-plugins.rules)
 * 1:12773 <-> DISABLED <-> BROWSER-PLUGINS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (browser-plugins.rules)
 * 1:12774 <-> DISABLED <-> BROWSER-PLUGINS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12803 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX clsid access (browser-plugins.rules)
 * 1:12805 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX function call access (browser-plugins.rules)
 * 1:12807 <-> DISABLED <-> FILE-IDENTIFY Lotus 123 file attachment (file-identify.rules)
 * 1:12808 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt (netbios.rules)
 * 1:12910 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 4 attempt (netbios.rules)
 * 1:12916 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 12 attempt (netbios.rules)
 * 1:12922 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 16 attempt (netbios.rules)
 * 1:12928 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 18 attempt (netbios.rules)
 * 1:12934 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 19 attempt (netbios.rules)
 * 1:12946 <-> DISABLED <-> OS-WINDOWS SMB-DS SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12947 <-> DISABLED <-> OS-WINDOWS SMB SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12948 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12950 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12952 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12954 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXLTPI.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12961 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12963 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12965 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12967 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 4 ActiveX clsid access (browser-plugins.rules)
 * 1:12969 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12971 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:12972 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13161 <-> DISABLED <-> SERVER-OTHER HP OpenView CGI parameter buffer overflow attempt (server-other.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13219 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13221 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13223 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (protocol-rpc.rules)
 * 1:13224 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX clsid access (browser-plugins.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13250 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp request (protocol-rpc.rules)
 * 1:13251 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp request (protocol-rpc.rules)
 * 1:13252 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp procedure 4 attempt (protocol-rpc.rules)
 * 1:13253 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp procedure 4 attempt (protocol-rpc.rules)
 * 1:13256 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp procedure 5 attempt (protocol-rpc.rules)
 * 1:13257 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp procedure 5 attempt (protocol-rpc.rules)
 * 1:13258 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13260 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX function call access (browser-plugins.rules)
 * 1:13262 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13264 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX function call access (browser-plugins.rules)
 * 1:13266 <-> DISABLED <-> BROWSER-PLUGINS SkyFex Client ActiveX clsid access (browser-plugins.rules)
 * 1:13273 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX clsid access (browser-plugins.rules)
 * 1:13275 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX function call access (browser-plugins.rules)
 * 1:13289 <-> DISABLED <-> BROWSER-PLUGINS Gatway CWebLaunchCtl ActiveX clsid access (browser-plugins.rules)
 * 1:13291 <-> DISABLED <-> SERVER-SAMBA Samba send_mailslot buffer overflow attempt (server-samba.rules)
 * 1:13292 <-> DISABLED <-> PUA-OTHER Skype skype4com URI handler memory corruption attempt (pua-other.rules)
 * 1:13294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:13303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13312 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX clsid access (browser-plugins.rules)
 * 1:13314 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13317 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing nam buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13321 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX clsid access (browser-plugins.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13325 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX clsid access (browser-plugins.rules)
 * 1:13327 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX function call access (browser-plugins.rules)
 * 1:13329 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX clsid access (browser-plugins.rules)
 * 1:13331 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX function call access (browser-plugins.rules)
 * 1:13333 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX clsid access (browser-plugins.rules)
 * 1:13335 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX clsid access (browser-plugins.rules)
 * 1:13337 <-> DISABLED <-> BROWSER-PLUGINS Comodo AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:13348 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX clsid access (browser-plugins.rules)
 * 1:13350 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX function call access (browser-plugins.rules)
 * 1:13352 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX function call access (browser-plugins.rules)
 * 1:13354 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX function call access (browser-plugins.rules)
 * 1:13357 <-> DISABLED <-> SERVER-MYSQL failed Oracle Mysql login attempt (server-mysql.rules)
 * 1:13358 <-> DISABLED <-> SERVER-MYSQL Oracle Mysql login attempt from unauthorized location (server-mysql.rules)
 * 1:13363 <-> DISABLED <-> SERVER-OTHER Cisco Unified Communications Manager heap overflow attempt (server-other.rules)
 * 1:13364 <-> DISABLED <-> SERVER-MAIL Novell GroupWise client IMG SRC buffer overflow (server-mail.rules)
 * 1:13365 <-> DISABLED <-> SERVER-OTHER Trend Micro ServerProtect TMregChange buffer overflow attempt (server-other.rules)
 * 1:13366 <-> DISABLED <-> SERVER-ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (server-oracle.rules)
 * 1:13367 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss GetPrinterData attempt (netbios.rules)
 * 1:13415 <-> DISABLED <-> SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (server-other.rules)
 * 1:13419 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13423 <-> DISABLED <-> BROWSER-PLUGINS SwiftView ActiveX clsid access (browser-plugins.rules)
 * 1:13426 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13428 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13446 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink HanGamePlugin ActiveX clsid access (browser-plugins.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13455 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call access (browser-ie.rules)
 * 1:13457 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:13459 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX function call access (browser-plugins.rules)
 * 1:13465 <-> DISABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:13466 <-> DISABLED <-> FILE-OFFICE Microsoft Works file converter file section length headers memory corruption attempt (file-office.rules)
 * 1:13470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:13477 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt - compressed (file-pdf.rules)
 * 1:13478 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (file-pdf.rules)
 * 1:13515 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13516 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime HTTP error response buffer overflow (file-multimedia.rules)
 * 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13522 <-> DISABLED <-> SERVER-OTHER Firebird Database Server username handling buffer overflow (server-other.rules)
 * 1:13523 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:13525 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:13527 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX clsid access (browser-plugins.rules)
 * 1:13529 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX function call access (browser-plugins.rules)
 * 1:13531 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13533 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13535 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX clsid access (browser-plugins.rules)
 * 1:13537 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX function call access (browser-plugins.rules)
 * 1:13539 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX clsid access (browser-plugins.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13543 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX clsid access (browser-plugins.rules)
 * 1:13545 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX function call access (browser-plugins.rules)
 * 1:13547 <-> DISABLED <-> BROWSER-PLUGINS Sony ImageStation ActiveX clsid access (browser-plugins.rules)
 * 1:13549 <-> DISABLED <-> BROWSER-PLUGINS Sony ImageStation ActiveX function call access (browser-plugins.rules)
 * 1:13551 <-> DISABLED <-> SERVER-ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt (server-oracle.rules)
 * 1:13571 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel dval record arbitrary code excecution attempt (file-office.rules)
 * 1:13572 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:13573 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13589 <-> DISABLED <-> PROTOCOL-VOIP OPTIONS message Via header request misplaced - after terminating newline (protocol-voip.rules)
 * 1:13590 <-> DISABLED <-> PROTOCOL-VOIP OPTIONS message Call-ID header request misplaced - after terminating newline (protocol-voip.rules)
 * 1:13591 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13595 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13597 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX function call access (browser-plugins.rules)
 * 1:13599 <-> DISABLED <-> BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX clsid access (browser-plugins.rules)
 * 1:13601 <-> DISABLED <-> BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX function call access (browser-plugins.rules)
 * 1:13603 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13613 <-> DISABLED <-> OS-SOLARIS Oracle Solaris username overflow authentication bypass attempt (os-solaris.rules)
 * 1:13616 <-> DISABLED <-> SERVER-OTHER CVS Argument overflow (server-other.rules)
 * 1:13617 <-> DISABLED <-> SERVER-ORACLE Oracle database version 8 username buffer overflow attempt (server-oracle.rules)
 * 1:13619 <-> DISABLED <-> OS-WINDOWS Microsoft Windows getBulkRequest memory corruption attempt (os-windows.rules)
 * 1:13621 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13631 <-> DISABLED <-> SERVER-OTHER McAfee ePolicy Orchestrator Framework Services log handling format string attempt (server-other.rules)
 * 1:13632 <-> DISABLED <-> SERVER-OTHER Zango adware installation request (server-other.rules)
 * 1:13656 <-> DISABLED <-> SERVER-WEBAPP Cisco Secure Access Control Server UCP Application CSuserCGI.exe buffer overflow attempt (server-webapp.rules)
 * 1:13657 <-> DISABLED <-> BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX clsid access (browser-plugins.rules)
 * 1:13659 <-> DISABLED <-> BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX function call access (browser-plugins.rules)
 * 1:13661 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Upload ActiveX clsid access (browser-plugins.rules)
 * 1:13663 <-> DISABLED <-> SERVER-MAIL Alt-N MDaemon IMAP Server FETCH command buffer overflow attempt (server-mail.rules)
 * 1:13664 <-> DISABLED <-> PROTOCOL-VOIP Remote-Party-ID header hexadecimal characters in IP address field (protocol-voip.rules)
 * 1:13665 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:13668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13672 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13677 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream memory corruption attempt (browser-ie.rules)
 * 1:13679 <-> DISABLED <-> BROWSER-PLUGINS IBiz EBanking Integrator ActiveX clsid access (browser-plugins.rules)
 * 1:13681 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX clsid access (browser-plugins.rules)
 * 1:13683 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX function call access (browser-plugins.rules)
 * 1:13685 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 1 ActiveX clsid access (browser-plugins.rules)
 * 1:13687 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 1 ActiveX function call access (browser-plugins.rules)
 * 1:13689 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13691 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 2 ActiveX function call access (browser-plugins.rules)
 * 1:13693 <-> DISABLED <-> PROTOCOL-VOIP Attribute header rtpmap field invalid payload type (protocol-voip.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13714 <-> DISABLED <-> SERVER-MYSQL yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt (server-mysql.rules)
 * 1:13715 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager HTTP handling buffer overflow attempt (server-webapp.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13734 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 10 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX clsid access (browser-plugins.rules)
 * 1:13760 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX function call access (browser-plugins.rules)
 * 1:13764 <-> DISABLED <-> PUA-ADWARE Snoopware xpress remote outbound connection - init connection (pua-adware.rules)
 * 1:13783 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Assistant ActiveX clsid access (browser-plugins.rules)
 * 1:13785 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX clsid access (browser-plugins.rules)
 * 1:13787 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX function call access (browser-plugins.rules)
 * 1:13791 <-> DISABLED <-> INDICATOR-OBFUSCATION oversized cast statement - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13800 <-> DISABLED <-> SERVER-OTHER ARCServe LGServer service data overflow attempt (server-other.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP alternate xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer request header overwrite (browser-ie.rules)
 * 1:13838 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:13839 <-> DISABLED <-> SERVER-OTHER CA ARCServ NetBackup remote file upload attempt (server-other.rules)
 * 1:13843 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:13844 <-> DISABLED <-> SERVER-MAIL BDAT size longer than contents exploit attempt (server-mail.rules)
 * 1:13845 <-> DISABLED <-> SERVER-MAIL BDAT size public exploit attempt (server-mail.rules)
 * 1:13846 <-> DISABLED <-> SERVER-OTHER Veritas Backup Agent password overflow attempt (server-other.rules)
 * 1:13857 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX clsid access (browser-plugins.rules)
 * 1:13859 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX function call access (browser-plugins.rules)
 * 1:13861 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client avatar control (policy-social.rules)
 * 1:13862 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client item information download (policy-social.rules)
 * 1:13863 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client successful login (policy-social.rules)
 * 1:13864 <-> DISABLED <-> POLICY-OTHER Microsoft Watson error reporting attempt (policy-other.rules)
 * 1:13865 <-> DISABLED <-> FILE-IMAGE BMP image handler buffer overflow attempt (file-image.rules)
 * 1:13883 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX clsid access (browser-plugins.rules)
 * 1:13885 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX function call access (browser-plugins.rules)
 * 1:13894 <-> DISABLED <-> SERVER-MAIL Microsoft Office Outlook Web Access From field cross-site scripting attempt  (server-mail.rules)
 * 1:13895 <-> DISABLED <-> SERVER-MAIL Micrsoft Office Outlook Web Access invalid CSS escape sequence script execution attempt  (server-mail.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13913 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX function call access (browser-plugins.rules)
 * 1:13917 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13919 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13920 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:13923 <-> DISABLED <-> SERVER-MAIL MailEnable SMTP HELO command denial of service attempt (server-mail.rules)
 * 1:13928 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:13929 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (server-webapp.rules)
 * 1:13949 <-> DISABLED <-> PROTOCOL-DNS excessive outbound NXDOMAIN replies - possible spoof of domain run by local DNS servers (protocol-dns.rules)
 * 1:13950 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP attribute buffer overflow attempt (file-java.rules)
 * 1:13951 <-> DISABLED <-> SERVER-WEBAPP Oracle Database Server buffer overflow attempt (server-webapp.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13961 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer table layout access violation vulnerability (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption (browser-ie.rules)
 * 1:13965 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX clsid access (browser-plugins.rules)
 * 1:13967 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX function call access (browser-plugins.rules)
 * 1:13970 <-> DISABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:13971 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:13972 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:13981 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed chart arbitrary code execution attempt (file-office.rules)
 * 1:13983 <-> DISABLED <-> FILE-IDENTIFY EPS file download request (file-identify.rules)
 * 1:13987 <-> DISABLED <-> INDICATOR-OBFUSCATION oversized convert statement - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13988 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to ascii function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13989 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to char function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:14008 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to concat function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:14021 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14025 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14037 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14038 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:14039 <-> DISABLED <-> FILE-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (file-other.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14088 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14090 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14092 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14094 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14096 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14098 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:14100 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:14102 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:14104 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14106 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14108 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14110 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14112 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14114 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14116 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14118 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14120 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14122 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14124 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14126 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14128 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14130 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14132 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14134 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14136 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14138 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:14140 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 27 ActiveX clsid access (browser-plugins.rules)
 * 1:14142 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 28 ActiveX clsid access (browser-plugins.rules)
 * 1:14144 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 29 ActiveX clsid access (browser-plugins.rules)
 * 1:14146 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 30 ActiveX clsid access (browser-plugins.rules)
 * 1:14148 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 31 ActiveX clsid access (browser-plugins.rules)
 * 1:14150 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 32 ActiveX clsid access (browser-plugins.rules)
 * 1:14152 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 33 ActiveX clsid access (browser-plugins.rules)
 * 1:14154 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 34 ActiveX clsid access (browser-plugins.rules)
 * 1:14156 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 35 ActiveX clsid access (browser-plugins.rules)
 * 1:14158 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 36 ActiveX clsid access (browser-plugins.rules)
 * 1:14160 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 37 ActiveX clsid access (browser-plugins.rules)
 * 1:14162 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 38 ActiveX clsid access (browser-plugins.rules)
 * 1:14164 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 39 ActiveX clsid access (browser-plugins.rules)
 * 1:14166 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 40 ActiveX clsid access (browser-plugins.rules)
 * 1:14168 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 41 ActiveX clsid access (browser-plugins.rules)
 * 1:14170 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 42 ActiveX clsid access (browser-plugins.rules)
 * 1:14172 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 43 ActiveX clsid access (browser-plugins.rules)
 * 1:14174 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 44 ActiveX clsid access (browser-plugins.rules)
 * 1:14176 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 45 ActiveX clsid access (browser-plugins.rules)
 * 1:14178 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 46 ActiveX clsid access (browser-plugins.rules)
 * 1:14180 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 47 ActiveX clsid access (browser-plugins.rules)
 * 1:14182 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 48 ActiveX clsid access (browser-plugins.rules)
 * 1:14184 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 49 ActiveX clsid access (browser-plugins.rules)
 * 1:14186 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 50 ActiveX clsid access (browser-plugins.rules)
 * 1:14188 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 51 ActiveX clsid access (browser-plugins.rules)
 * 1:14190 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 52 ActiveX clsid access (browser-plugins.rules)
 * 1:14192 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 53 ActiveX clsid access (browser-plugins.rules)
 * 1:14194 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 54 ActiveX clsid access (browser-plugins.rules)
 * 1:14196 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 55 ActiveX clsid access (browser-plugins.rules)
 * 1:14198 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 56 ActiveX clsid access (browser-plugins.rules)
 * 1:14200 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 57 ActiveX clsid access (browser-plugins.rules)
 * 1:14202 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 58 ActiveX clsid access (browser-plugins.rules)
 * 1:14204 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 59 ActiveX clsid access (browser-plugins.rules)
 * 1:14206 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 60 ActiveX clsid access (browser-plugins.rules)
 * 1:14208 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 61 ActiveX clsid access (browser-plugins.rules)
 * 1:14210 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 62 ActiveX clsid access (browser-plugins.rules)
 * 1:14212 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 63 ActiveX clsid access (browser-plugins.rules)
 * 1:14214 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 64 ActiveX clsid access (browser-plugins.rules)
 * 1:14216 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 65 ActiveX clsid access (browser-plugins.rules)
 * 1:14218 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 66 ActiveX clsid access (browser-plugins.rules)
 * 1:14220 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 67 ActiveX clsid access (browser-plugins.rules)
 * 1:14222 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 68 ActiveX clsid access (browser-plugins.rules)
 * 1:14224 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 69 ActiveX clsid access (browser-plugins.rules)
 * 1:14226 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 70 ActiveX clsid access (browser-plugins.rules)
 * 1:14228 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 71 ActiveX clsid access (browser-plugins.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14231 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX clsid access (browser-plugins.rules)
 * 1:14233 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX function call access (browser-plugins.rules)
 * 1:14235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:14237 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services ActiveX function call access (browser-plugins.rules)
 * 1:14239 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX clsid access (browser-plugins.rules)
 * 1:14241 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX function call access (browser-plugins.rules)
 * 1:14243 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX clsid access (browser-plugins.rules)
 * 1:14245 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX function call access (browser-plugins.rules)
 * 1:14247 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX clsid access (browser-plugins.rules)
 * 1:14249 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX function call access (browser-plugins.rules)
 * 1:14261 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI VML gradient size heap overflow attempt (os-windows.rules)
 * 1:14264 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media Player playlist download (file-identify.rules)
 * 1:14266 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX function call access (browser-plugins.rules)
 * 1:14270 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX clsid access (browser-plugins.rules)
 * 1:14272 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX function call access (browser-plugins.rules)
 * 1:14274 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX clsid access (browser-plugins.rules)
 * 1:14276 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX function call access (browser-plugins.rules)
 * 1:14278 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX clsid access (browser-plugins.rules)
 * 1:14280 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX function call access (browser-plugins.rules)
 * 1:14282 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14284 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX function call access (browser-plugins.rules)
 * 1:14286 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX clsid access (browser-plugins.rules)
 * 1:14288 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX function call access (browser-plugins.rules)
 * 1:14290 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (browser-plugins.rules)
 * 1:14292 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (browser-plugins.rules)
 * 1:14294 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14296 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14298 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:14300 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14302 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14304 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14306 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX clsid access (browser-plugins.rules)
 * 1:14308 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX function call access (browser-plugins.rules)
 * 1:14310 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX clsid access (browser-plugins.rules)
 * 1:14312 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX function call access (browser-plugins.rules)
 * 1:14314 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14316 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14318 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX function call access (browser-plugins.rules)
 * 1:1432 <-> DISABLED <-> PUA-P2P GNUTella client request (pua-p2p.rules)
 * 1:14320 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14322 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX clsid access (browser-plugins.rules)
 * 1:14324 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX function call access (browser-plugins.rules)
 * 1:14326 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (browser-plugins.rules)
 * 1:14328 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (browser-plugins.rules)
 * 1:14330 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX clsid access (browser-plugins.rules)
 * 1:14332 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX function call access (browser-plugins.rules)
 * 1:14334 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX clsid access (browser-plugins.rules)
 * 1:14336 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX function call access (browser-plugins.rules)
 * 1:14338 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX clsid access (browser-plugins.rules)
 * 1:14340 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX function call access (browser-plugins.rules)
 * 1:14342 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14344 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14346 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX function call access (browser-plugins.rules)
 * 1:14348 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14350 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX clsid access (browser-plugins.rules)
 * 1:14352 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX function call access (browser-plugins.rules)
 * 1:14354 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX clsid access (browser-plugins.rules)
 * 1:14356 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX function call access (browser-plugins.rules)
 * 1:14358 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14360 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14362 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14364 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:14366 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX clsid access (browser-plugins.rules)
 * 1:14368 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX function call access (browser-plugins.rules)
 * 1:14370 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX clsid access (browser-plugins.rules)
 * 1:14372 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX function call access (browser-plugins.rules)
 * 1:14374 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX clsid access (browser-plugins.rules)
 * 1:14376 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX function call access (browser-plugins.rules)
 * 1:14378 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX clsid access (browser-plugins.rules)
 * 1:14380 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX function call access (browser-plugins.rules)
 * 1:14382 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX clsid access (browser-plugins.rules)
 * 1:14384 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX function call access (browser-plugins.rules)
 * 1:14386 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX clsid access (browser-plugins.rules)
 * 1:14388 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX function call access (browser-plugins.rules)
 * 1:14394 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX clsid access (browser-plugins.rules)
 * 1:14396 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX function call access (browser-plugins.rules)
 * 1:14398 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX clsid access (browser-plugins.rules)
 * 1:14400 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX function call access (browser-plugins.rules)
 * 1:14402 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14404 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14406 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14408 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14410 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX clsid access (browser-plugins.rules)
 * 1:14412 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX function call access (browser-plugins.rules)
 * 1:14414 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:14420 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX clsid access (browser-plugins.rules)
 * 1:14422 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX function call access (browser-plugins.rules)
 * 1:14424 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14426 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14428 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:14430 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX clsid access (browser-plugins.rules)
 * 1:14432 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX function call access (browser-plugins.rules)
 * 1:14434 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14436 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX clsid access (browser-plugins.rules)
 * 1:14438 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX function call access (browser-plugins.rules)
 * 1:14440 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14442 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14444 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14446 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14448 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX clsid access (browser-plugins.rules)
 * 1:14450 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX function call access (browser-plugins.rules)
 * 1:14452 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX clsid access (browser-plugins.rules)
 * 1:14454 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX function call access (browser-plugins.rules)
 * 1:14456 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14458 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14460 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14466 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14468 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX clsid access (browser-plugins.rules)
 * 1:14470 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX function call access (browser-plugins.rules)
 * 1:14472 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14474 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14476 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX clsid access (browser-plugins.rules)
 * 1:14478 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX function call access (browser-plugins.rules)
 * 1:14480 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX clsid access (browser-plugins.rules)
 * 1:14482 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX function call access (browser-plugins.rules)
 * 1:14484 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX clsid access (browser-plugins.rules)
 * 1:14486 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX function call access (browser-plugins.rules)
 * 1:14488 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14490 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14492 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14494 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14496 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14498 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14500 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX clsid access (browser-plugins.rules)
 * 1:14502 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX function call access (browser-plugins.rules)
 * 1:14504 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14506 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14508 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX clsid access (browser-plugins.rules)
 * 1:14510 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX function call access (browser-plugins.rules)
 * 1:14512 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14514 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX clsid access (browser-plugins.rules)
 * 1:14516 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX function call access (browser-plugins.rules)
 * 1:14518 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14520 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX clsid access (browser-plugins.rules)
 * 1:14522 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX function call access (browser-plugins.rules)
 * 1:14524 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14526 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX clsid access (browser-plugins.rules)
 * 1:14528 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX function call access (browser-plugins.rules)
 * 1:14530 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX clsid access (browser-plugins.rules)
 * 1:14532 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX function call access (browser-plugins.rules)
 * 1:14534 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14536 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14538 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:14540 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14542 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14544 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14546 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14548 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX clsid access (browser-plugins.rules)
 * 1:14550 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX function call access (browser-plugins.rules)
 * 1:14552 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX clsid access (browser-plugins.rules)
 * 1:14554 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX function call access (browser-plugins.rules)
 * 1:14556 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14558 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14560 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX clsid access (browser-plugins.rules)
 * 1:14562 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX function call access (browser-plugins.rules)
 * 1:14564 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14566 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14568 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14570 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14572 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX function call access (browser-plugins.rules)
 * 1:14574 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14576 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14578 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX clsid access (browser-plugins.rules)
 * 1:14580 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX function call access (browser-plugins.rules)
 * 1:14582 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14584 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:14586 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14588 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14590 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX clsid access (browser-plugins.rules)
 * 1:14592 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX function call access (browser-plugins.rules)
 * 1:14594 <-> DISABLED <-> BROWSER-PLUGINS Peachtree Accounting 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:14596 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:14598 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:14603 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (browser-plugins.rules)
 * 1:14605 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14610 <-> DISABLED <-> SERVER-WEBAPP Joomla invalid token administrative password reset attempt (server-webapp.rules)
 * 1:14611 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14615 <-> DISABLED <-> SERVER-OTHER Oracle Java web console format string attempt (server-other.rules)
 * 1:14631 <-> DISABLED <-> BROWSER-PLUGINS Husdawg System Requirements Lab Control ActiveX clsid access (browser-plugins.rules)
 * 1:14633 <-> DISABLED <-> BROWSER-PLUGINS PhotoStockPlus ActiveX clsid access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14637 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX clsid access (browser-plugins.rules)
 * 1:14639 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX function call access (browser-plugins.rules)
 * 1:1464 <-> DISABLED <-> INDICATOR-COMPROMISE oracle one hour install (indicator-compromise.rules)
 * 1:14641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:14643 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer location and location.href cross domain security bypass vulnerability (browser-ie.rules)
 * 1:14645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain setExpression exploit attempt (browser-ie.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14649 <-> DISABLED <-> OS-WINDOWS SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14656 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSS mouseevent PII disclosure attempt (browser-ie.rules)
 * 1:14657 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain componentFromPoint memory corruption attempt (browser-ie.rules)
 * 1:14725 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14737 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP host-integration bind attempt (os-windows.rules)
 * 1:14741 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Foundation Service NULL service authentication attempt (server-other.rules)
 * 1:14744 <-> DISABLED <-> BROWSER-PLUGINS Hummingbird HostExplorer ActiveX clsid access (browser-plugins.rules)
 * 1:14746 <-> DISABLED <-> BROWSER-PLUGINS Autodesk DWF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14748 <-> DISABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX clsid access (browser-plugins.rules)
 * 1:14750 <-> DISABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX function call access (browser-plugins.rules)
 * 1:14752 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX clsid access (browser-plugins.rules)
 * 1:14754 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX function call access (browser-plugins.rules)
 * 1:14756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14764 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX clsid access attempt (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14768 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt (server-other.rules)
 * 1:14769 <-> ENABLED <-> SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (server-other.rules)
 * 1:14770 <-> DISABLED <-> PROTOCOL-FTP Ipswitch WS_FTP client format string attempt (protocol-ftp.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14778 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX clsid access (browser-plugins.rules)
 * 1:14780 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX function call access (browser-plugins.rules)
 * 1:14782 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:14900 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14986 <-> DISABLED <-> INDICATOR-SHELLCODE x86 fldz get eip shellcode (indicator-shellcode.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14989 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Language header overflow attempt (server-webapp.rules)
 * 1:14992 <-> DISABLED <-> SERVER-WEBAPP Openwsman HTTP basic authentication buffer overflow attempt (server-webapp.rules)
 * 1:14993 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14995 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:14997 <-> DISABLED <-> BROWSER-PLUGINS DjVu MSOffice Converter ActiveX clsid access (browser-plugins.rules)
 * 1:14999 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX clsid access (browser-plugins.rules)
 * 1:15001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX function call access (browser-plugins.rules)
 * 1:15003 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15005 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX function call access (browser-plugins.rules)
 * 1:15007 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (browser-plugins.rules)
 * 1:15014 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:15015 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt (os-windows.rules)
 * 1:15069 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui mdrmsap ActiveX clsid access (browser-plugins.rules)
 * 1:15079 <-> DISABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15080 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt (file-multimedia.rules)
 * 1:15081 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start xml encoding buffer overflow attempt (file-java.rules)
 * 1:15082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (file-office.rules)
 * 1:15083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file double free attempt (file-office.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15088 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX clsid access (browser-plugins.rules)
 * 1:15090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX function call access (browser-plugins.rules)
 * 1:15092 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15094 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15098 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15100 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:16196 <-> DISABLED <-> SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (server-other.rules)
 * 1:15104 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:15105 <-> DISABLED <-> FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (file-image.rules)
 * 1:15106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (file-office.rules)
 * 1:15107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file stylesheet buffer overflow attempt (file-office.rules)
 * 1:15108 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint Server elevation of privilege exploit attempt (server-webapp.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15114 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer embed src buffer overflow attempt (browser-ie.rules)
 * 1:15116 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:15122 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:15127 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15128 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15129 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:15130 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15131 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:15132 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15133 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15134 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15135 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15136 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15137 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:15138 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15139 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:15140 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15141 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15142 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15143 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin unicode vulnerable function attempt (server-mssql.rules)
 * 1:15144 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin vulnerable function attempt (server-mssql.rules)
 * 1:15145 <-> DISABLED <-> SERVER-OTHER Apple CUPS TrueColor PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
 * 1:15150 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server login Authentication bypass attempt (pua-other.rules)
 * 1:15151 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server logout Authentication bypass attempt (pua-other.rules)
 * 1:15152 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup-index Authentication bypass attempt (pua-other.rules)
 * 1:15153 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup Authentication bypass attempt (pua-other.rules)
 * 1:15154 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server gif Authentication bypass attempt (pua-other.rules)
 * 1:15155 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server png Authentication bypass attempt (pua-other.rules)
 * 1:15156 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server serverdown Authentication bypass attempt (pua-other.rules)
 * 1:15157 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:15158 <-> DISABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15159 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX clsid access (browser-plugins.rules)
 * 1:15161 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX function call access (browser-plugins.rules)
 * 1:15163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Object Header Buffer Overflow attempt (file-office.rules)
 * 1:15164 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG Layout Engine Index Parameter memory corruption attempt (browser-firefox.rules)
 * 1:15166 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player RealText buffer overflow attempt (file-multimedia.rules)
 * 1:15167 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cn dns query (indicator-compromise.rules)
 * 1:15168 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .ru dns query (indicator-compromise.rules)
 * 1:15169 <-> DISABLED <-> POLICY-SOCIAL XBOX Live Kerberos authentication request (policy-social.rules)
 * 1:15170 <-> DISABLED <-> POLICY-SOCIAL XBOX Netflix client activity (policy-social.rules)
 * 1:15171 <-> DISABLED <-> POLICY-SOCIAL XBOX Marketplace http request (policy-social.rules)
 * 1:15172 <-> DISABLED <-> POLICY-SOCIAL XBOX avatar retrieval request (policy-social.rules)
 * 1:15173 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX clsid access (browser-plugins.rules)
 * 1:15175 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX function call access (browser-plugins.rules)
 * 1:15177 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules)
 * 1:15179 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules)
 * 1:15181 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX clsid access (browser-plugins.rules)
 * 1:15183 <-> DISABLED <-> POLICY-SOCIAL Yahoo messenger http link transmission attempt (policy-social.rules)
 * 1:15184 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN messenger http link transmission attempt (policy-social.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15188 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15190 <-> DISABLED <-> SERVER-WEBAPP Youngzsoft CCProxy CONNECT Request buffer overflow attempt (server-webapp.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15192 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX clsid access (browser-plugins.rules)
 * 1:15194 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX function call access (browser-plugins.rules)
 * 1:15196 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15220 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15228 <-> DISABLED <-> BROWSER-PLUGINS Ciansoft PDFBuilderX ActiveX clsid access (browser-plugins.rules)
 * 1:15230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15232 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15234 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX function call access (browser-plugins.rules)
 * 1:15236 <-> DISABLED <-> FILE-IMAGE ACD Systems ACDSee XPM file format overflow attempt (file-image.rules)
 * 1:15238 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime for Java toQTPointer function memory corruption attempt (file-multimedia.rules)
 * 1:15239 <-> DISABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15240 <-> DISABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15241 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (file-multimedia.rules)
 * 1:15243 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX clsid access (browser-plugins.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15247 <-> DISABLED <-> BROWSER-PLUGINS JamDTA ActiveX clsid access (browser-plugins.rules)
 * 1:15249 <-> DISABLED <-> BROWSER-PLUGINS SmartVMD ActiveX clsid access (browser-plugins.rules)
 * 1:15251 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX clsid access (browser-plugins.rules)
 * 1:15253 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX function call access (browser-plugins.rules)
 * 1:15255 <-> DISABLED <-> SERVER-ORACLE Secure Backup msgid 0x901 username field overflow attempt (server-oracle.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15258 <-> DISABLED <-> SERVER-ORACLE Secure Backup login.php variable based command injection attempt (server-oracle.rules)
 * 1:15261 <-> DISABLED <-> SERVER-ORACLE Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:15262 <-> DISABLED <-> SERVER-ORACLE Secure Backup POST exec_qr command injection attempt (server-oracle.rules)
 * 1:15264 <-> DISABLED <-> SERVER-WEBAPP Oracle TimesTen In-Memory Database evtdump CGI module format string exploit attempt (server-webapp.rules)
 * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX clsid access (browser-plugins.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:15270 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX clsid access (browser-plugins.rules)
 * 1:15272 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX function call access (browser-plugins.rules)
 * 1:15274 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX clsid access (browser-plugins.rules)
 * 1:15276 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX function call access (browser-plugins.rules)
 * 1:15278 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (browser-plugins.rules)
 * 1:15280 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX function call access (browser-plugins.rules)
 * 1:15282 <-> DISABLED <-> BROWSER-PLUGINS FlexCell Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15284 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX clsid access (browser-plugins.rules)
 * 1:15286 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX function call access (browser-plugins.rules)
 * 1:15288 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX clsid access (browser-plugins.rules)
 * 1:15290 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX function call access (browser-plugins.rules)
 * 1:15292 <-> DISABLED <-> POLICY-SOCIAL QQ protocol detected - version 2006 (policy-social.rules)
 * 1:15293 <-> DISABLED <-> POLICY-SOCIAL QQ protocol detected - version 2008 (policy-social.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:15305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:15307 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX clsid access (browser-plugins.rules)
 * 1:15309 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX function call access (browser-plugins.rules)
 * 1:15311 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX clsid access (browser-plugins.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15315 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX clsid access (browser-plugins.rules)
 * 1:15317 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX function call access (browser-plugins.rules)
 * 1:15330 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15332 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15334 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX clsid access (browser-plugins.rules)
 * 1:15336 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX function call access (browser-plugins.rules)
 * 1:15338 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX clsid access (browser-plugins.rules)
 * 1:15340 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX function call access (browser-plugins.rules)
 * 1:15342 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX clsid access (browser-plugins.rules)
 * 1:15344 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX function call access (browser-plugins.rules)
 * 1:15346 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX clsid access (browser-plugins.rules)
 * 1:15348 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX function call access (browser-plugins.rules)
 * 1:15350 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX clsid access (browser-plugins.rules)
 * 1:15352 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX function call access (browser-plugins.rules)
 * 1:15357 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15362 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated javascript excessive fromCharCode - potential attack (indicator-obfuscation.rules)
 * 1:15363 <-> DISABLED <-> INDICATOR-OBFUSCATION Potential obfuscated javascript eval unescape attack attempt (indicator-obfuscation.rules)
 * 1:15367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook web access script injection attempt (file-office.rules)
 * 1:15368 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX clsid access (browser-plugins.rules)
 * 1:15370 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX function call access (browser-plugins.rules)
 * 1:15372 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX clsid access (browser-plugins.rules)
 * 1:15374 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX function call access (browser-plugins.rules)
 * 1:15376 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX clsid access (browser-plugins.rules)
 * 1:15378 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX function call access (browser-plugins.rules)
 * 1:15380 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms v7 ActiveX clsid access (browser-plugins.rules)
 * 1:15382 <-> DISABLED <-> SERVER-OTHER X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (server-other.rules)
 * 1:15383 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (browser-firefox.rules)
 * 1:15384 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:15386 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:15387 <-> DISABLED <-> OS-WINDOWS udp WINS WPAD registration attempt (os-windows.rules)
 * 1:15415 <-> DISABLED <-> CONTENT-REPLACE AIM or ICQ deny unencrypted login connection (content-replace.rules)
 * 1:15416 <-> DISABLED <-> CONTENT-REPLACE ICQ deny http proxy login (content-replace.rules)
 * 1:15420 <-> DISABLED <-> CONTENT-REPLACE MSN deny login (content-replace.rules)
 * 1:15421 <-> DISABLED <-> CONTENT-REPLACE AIM or ICQ deny login for unencrypted connection (content-replace.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15424 <-> DISABLED <-> SERVER-WEBAPP phpBB mod shoutbox sql injection attempt (server-webapp.rules)
 * 1:15425 <-> DISABLED <-> SERVER-WEBAPP phpBB mod tag board sql injection attempt (server-webapp.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15428 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing memory corruption attempt (browser-firefox.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15431 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:15432 <-> DISABLED <-> SERVER-WEBAPP wordpress cat parameter arbitrary file execution attempt (server-webapp.rules)
 * 1:15434 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (server-webapp.rules)
 * 1:15438 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny udp login (content-replace.rules)
 * 1:15439 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny tcp login (content-replace.rules)
 * 1:15440 <-> DISABLED <-> CONTENT-REPLACE QQ 2008 deny udp login (content-replace.rules)
 * 1:15441 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny tcp login (content-replace.rules)
 * 1:15442 <-> DISABLED <-> SERVER-MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15443 <-> DISABLED <-> SERVER-MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15445 <-> DISABLED <-> SERVER-ORACLE Application Server BPEL module cross site scripting attempt (server-oracle.rules)
 * 1:15446 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory management console Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:15458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer navigating between pages race condition attempt (browser-ie.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15462 <-> DISABLED <-> BROWSER-OTHER Multiple web browsers HTTP chunked transfer-encoding memory corruption attempt (browser-other.rules)
 * 1:15466 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad WordPerfect 6.x converter buffer overflow attempt (file-office.rules)
 * 1:15467 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (file-office.rules)
 * 1:15475 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ISA Server cross-site scripting attempt (os-windows.rules)
 * 1:15476 <-> DISABLED <-> PUA-ADWARE Waledac spam bot HTTP POST request (pua-adware.rules)
 * 1:15478 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:15480 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie record invalid version number exploit attempt (file-multimedia.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow (protocol-imap.rules)
 * 1:15485 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:15487 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt (file-multimedia.rules)
 * 1:15488 <-> DISABLED <-> SERVER-ORACLE Oracle Database Application Express Component APEX password hash disclosure attempt (server-oracle.rules)
 * 1:15489 <-> DISABLED <-> PUA-OTHER Cerulean Studios Trillian image filename handling XML tag overflow attempt (pua-other.rules)
 * 1:1549 <-> DISABLED <-> SERVER-MAIL HELO overflow attempt (server-mail.rules)
 * 1:15490 <-> DISABLED <-> OS-LINUX Linux SCTP malformed forward-tsn chunk arbitrary code execution attempt (os-linux.rules)
 * 1:15492 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:15493 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (file-pdf.rules)
 * 1:15499 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:15500 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint LinkedSlide memory corruption (file-office.rules)
 * 1:15501 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint ParaBuildAtom memory corruption attempt (file-office.rules)
 * 1:15502 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint DiagramBuildContainer memory corruption attempt (file-office.rules)
 * 1:15504 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:15505 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:15506 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:15509 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server CONNECT denial of service attempt (server-other.rules)
 * 1:15510 <-> DISABLED <-> SERVER-OTHER Trend Micro OfficeScan Server cgiRecvFile overflow attempt (server-other.rules)
 * 1:15512 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:15513 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:15515 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server RollbackWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15518 <-> DISABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15527 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (os-windows.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15534 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML HttpRequest race condition exploit attempt (browser-ie.rules)
 * 1:15535 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setCapture heap corruption exploit attempt (browser-ie.rules)
 * 1:15540 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM memory corruption attempt (browser-ie.rules)
 * 1:15541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record remote code execution attempt (file-office.rules)
 * 1:15542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:15543 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX clsid access (browser-plugins.rules)
 * 1:15545 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX function call access (browser-plugins.rules)
 * 1:15547 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15549 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX function call access (browser-plugins.rules)
 * 1:15551 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15555 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System Intel Alert Originator Service buffer overflow attempt (server-other.rules)
 * 1:15557 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EnjoySAP ActiveX clsid access (browser-plugins.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:15560 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger web client activity (policy-social.rules)
 * 1:15561 <-> DISABLED <-> POLICY-SOCIAL AOL Aimexpress web client login (policy-social.rules)
 * 1:15566 <-> DISABLED <-> PUA-ADWARE Gumblar HTTP GET request attempt (pua-adware.rules)
 * 1:15567 <-> DISABLED <-> PUA-ADWARE Martuz HTTP GET request attempt (pua-adware.rules)
 * 1:15570 <-> DISABLED <-> CONTENT-REPLACE Google Talk deny login (content-replace.rules)
 * 1:15572 <-> DISABLED <-> SERVER-OTHER Curse of Silence Nokia SMS DoS attempt (server-other.rules)
 * 1:15573 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETER heap buffer overflow attempt (server-other.rules)
 * 1:15574 <-> DISABLED <-> SERVER-MAIL MAIL FROM command overflow attempt (server-mail.rules)
 * 1:15576 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web client login (policy-social.rules)
 * 1:15577 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web client activity (policy-social.rules)
 * 1:15579 <-> DISABLED <-> SERVER-OTHER Squid NTLM fakeauth_auth Helper denial of service attempt (server-other.rules)
 * 1:15580 <-> DISABLED <-> SERVER-OTHER Squid oversized reply header handling exploit attempt (server-other.rules)
 * 1:15583 <-> DISABLED <-> FILE-OTHER F-Secure AntiVirus library heap overflow attempt (file-other.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15638 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 32 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15672 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15680 <-> DISABLED <-> OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (os-windows.rules)
 * 1:15681 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 file format arbitrary code execution attempt (file-office.rules)
 * 1:15682 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow QuickTime file stsc atom parsing heap corruption attempt (file-multimedia.rules)
 * 1:15685 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15693 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (file-other.rules)
 * 1:15697 <-> DISABLED <-> INDICATOR-OBFUSCATION rename of javascript unescape function detected (indicator-obfuscation.rules)
 * 1:15698 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:15699 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (browser-firefox.rules)
 * 1:15701 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 domain authentication bypass attempt (os-windows.rules)
 * 1:15702 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (netbios.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15707 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITPC protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:15710 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x3B null strings attempt (netbios.rules)
 * 1:15711 <-> DISABLED <-> PUA-OTHER mIRC PRIVMSG message processing overflow attempt (pua-other.rules)
 * 1:15722 <-> DISABLED <-> SERVER-ORACLE Oracle database server Workspace Manager multiple SQL injection attempt (server-oracle.rules)
 * 1:15723 <-> DISABLED <-> SERVER-ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (server-oracle.rules)
 * 1:15724 <-> DISABLED <-> SERVER-ORACLE Oracle database server MergeWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15725 <-> DISABLED <-> SERVER-ORACLE Oracle database server RemoveWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15726 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules)
 * 1:15728 <-> DISABLED <-> FILE-PDF Possible Adobe Reader ActionScript byte_array heap spray attempt (file-pdf.rules)
 * 1:15729 <-> DISABLED <-> FILE-FLASH Possible Adobe Flash ActionScript byte_array heap spray attempt (file-flash.rules)
 * 1:15731 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript deleted reference arbitrary code execution attempt (browser-ie.rules)
 * 1:15732 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS handling memory corruption attempt (browser-ie.rules)
 * 1:15733 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (browser-ie.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15854 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:15860 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt (os-windows.rules)
 * 1:15861 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (browser-plugins.rules)
 * 1:15863 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX function call access (browser-plugins.rules)
 * 1:15866 <-> DISABLED <-> FILE-OTHER libxml2 file processing long entity overflow attempt (file-other.rules)
 * 1:15867 <-> DISABLED <-> FILE-PDF Adobe Acrobat PDF font processing memory corruption attempt (file-pdf.rules)
 * 1:15869 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempet (file-flash.rules)
 * 1:15870 <-> DISABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15871 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg 4xm processing memory corruption attempt (file-multimedia.rules)
 * 1:15872 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:15873 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox location spoofing attempt via invalid window.open characters (browser-firefox.rules)
 * 1:15878 <-> DISABLED <-> BROWSER-PLUGINS AcerCtrls.APlunch ActiveX clsid access (browser-plugins.rules)
 * 1:15880 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup window object tag code execution attempt (browser-ie.rules)
 * 1:15882 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules)
 * 1:15883 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x01 command buffer overflow attempt (server-other.rules)
 * 1:15884 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x02 command buffer overflow attempt (server-other.rules)
 * 1:15886 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x04 command buffer overflow attempt (server-other.rules)
 * 1:15887 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x05 command buffer overflow attempt (server-other.rules)
 * 1:15888 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x31 command buffer overflow attempt (server-other.rules)
 * 1:15889 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x32 command buffer overflow attempt (server-other.rules)
 * 1:15890 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x33 command buffer overflow attempt (server-other.rules)
 * 1:15891 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x34 command buffer overflow attempt (server-other.rules)
 * 1:15892 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x53 command denial of service attempt (server-other.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15902 <-> DISABLED <-> INDICATOR-SHELLCODE x86 win2k-2k3 decoder base shellcode (indicator-shellcode.rules)
 * 1:15909 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:15913 <-> DISABLED <-> OS-WINDOWS Microsoft Windows javascript arguments keyword override rce attempt (os-windows.rules)
 * 1:15921 <-> DISABLED <-> FILE-IDENTIFY Microsoft multimedia format file download request (file-identify.rules)
 * 1:15922 <-> DISABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX function call access (browser-plugins.rules)
 * 1:15926 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX clsid access (browser-plugins.rules)
 * 1:15928 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX function call access (browser-plugins.rules)
 * 1:15930 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB malformed process ID high field remote code execution attempt (os-windows.rules)
 * 1:15932 <-> DISABLED <-> PROTOCOL-FTP LIST globbing denial of service attack (protocol-ftp.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (server-other.rules)
 * 1:15940 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (file-multimedia.rules)
 * 1:15941 <-> DISABLED <-> SERVER-OTHER Squid Proxy TRACE request remote DoS attempt (server-other.rules)
 * 1:15944 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory crafted LDAP request denial of service attempt (os-windows.rules)
 * 1:15946 <-> DISABLED <-> FILE-OTHER Microsoft Windows Vista Feed Headlines Gagdet code execution attempt (file-other.rules)
 * 1:15948 <-> DISABLED <-> SERVER-OTHER CA License Software invalid command overflow attempt (server-other.rules)
 * 1:15950 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15953 <-> DISABLED <-> SERVER-WEBAPP Ipswitch IMail Calendaring arbitrary file read attempt (server-webapp.rules)
 * 1:15954 <-> DISABLED <-> SERVER-MAIL SpamAssassin malformed email header DoS attempt (server-mail.rules)
 * 1:15955 <-> DISABLED <-> SERVER-ORACLE Application Server 9i Webcache file corruption attempt (server-oracle.rules)
 * 1:15957 <-> DISABLED <-> FILE-OTHER Sophos Anti-Virus zip file handling DoS attempt (file-other.rules)
 * 1:15958 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:15961 <-> DISABLED <-> SERVER-OTHER 3Com Network Supervisor directory traversal attempt (server-other.rules)
 * 1:15962 <-> DISABLED <-> SERVER-WEBAPP Sybase EAServer WebConsole overflow attempt (server-webapp.rules)
 * 1:15964 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange OWA XSS and spoofing attempt (server-mail.rules)
 * 1:15965 <-> DISABLED <-> OS-WINDOWS Microsoft Explorer long share name buffer overflow attempt (os-windows.rules)
 * 1:15966 <-> DISABLED <-> FILE-OTHER F-Secure Anti-Virus LHA processing buffer overflow attempt (file-other.rules)
 * 1:15967 <-> DISABLED <-> SERVER-OTHER ICQ SRV_MULTI/SRV_META_USER overflow attempt (server-other.rules)
 * 1:15969 <-> DISABLED <-> SERVER-OTHER Symantec Multiple Products ISAKMPd denial of service attempt (server-other.rules)
 * 1:15970 <-> DISABLED <-> SERVER-OTHER Subversion svn pProtocol string parsing heap overflow attempt (server-other.rules)
 * 1:15977 <-> DISABLED <-> SERVER-WEBAPP PHP strip_tags bypass vulnerability exploit attempt (server-webapp.rules)
 * 1:15978 <-> DISABLED <-> SERVER-WEBAPP Macromedia JRun 4 mod_jrun buffer overflow attempt (server-webapp.rules)
 * 1:15981 <-> DISABLED <-> FILE-OTHER zlib Denial of Service (file-other.rules)
 * 1:15982 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Gold DOS Device HTTP request denial of service attempt (server-webapp.rules)
 * 1:15983 <-> DISABLED <-> SERVER-SAMBA Samba arbitrary file access exploit attempt (server-samba.rules)
 * 1:15984 <-> DISABLED <-> SERVER-SAMBA Samba Printer Change Notification Request DoS attempt (server-samba.rules)
 * 1:15985 <-> DISABLED <-> OS-WINDOWS Microsoft ASP.NET canonicalization exploit attempt (os-windows.rules)
 * 1:15986 <-> DISABLED <-> SERVER-SAMBA Samba unicode filename buffer overflow attempt (server-samba.rules)
 * 1:15993 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt (file-flash.rules)
 * 1:15994 <-> DISABLED <-> SERVER-OTHER Squid strListGetItem denial of service attempt (server-other.rules)
 * 1:15995 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed avi file mjpeg compression arbitrary code execution attempt (file-multimedia.rules)
 * 1:15996 <-> DISABLED <-> OS-WINDOWS Microsoft Negotiate SSP buffer overflow attempt (os-windows.rules)
 * 1:15997 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JIT escape function memory corruption attempt (browser-firefox.rules)
 * 1:15998 <-> DISABLED <-> SERVER-OTHER HP OpenView Client Configuration Manager Radia Notify Daemon code execution attempt (server-other.rules)
 * 1:15999 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:16000 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:16001 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:16005 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers JavaScript argument passing code execution attempt (browser-firefox.rules)
 * 1:16007 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:16009 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products overflow event handling memory corruption attempt (browser-firefox.rules)
 * 1:16013 <-> DISABLED <-> SERVER-OTHER IBM solidDB logging function format string exploit attempt (server-other.rules)
 * 1:16017 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino LDAP server invalid DN message buffer overflow attempt (server-other.rules)
 * 1:16019 <-> DISABLED <-> SERVER-OTHER Novell Distributed Print Services integer overflow attempt (server-other.rules)
 * 1:16020 <-> DISABLED <-> SERVER-MYSQL login handshake information disclosure attempt (server-mysql.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16025 <-> DISABLED <-> SERVER-MAIL MailEnable SMTP service SPF lookup buffer overflow attempt (server-mail.rules)
 * 1:16027 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp midi file header overflow attempt (file-multimedia.rules)
 * 1:16028 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger parameters invalid memory access attempt (server-webapp.rules)
 * 1:16029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client ATMA buffer overrun attempt (os-windows.rules)
 * 1:16030 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client TXT buffer overrun attempt (os-windows.rules)
 * 1:16031 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested object tag memory corruption attempt (browser-ie.rules)
 * 1:16032 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML Decoding memory corruption attempt (browser-ie.rules)
 * 1:16033 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed content attempt (browser-ie.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16035 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16036 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products QueryInterface method memory corruption attempt (browser-firefox.rules)
 * 1:16037 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products graphics and XML features integer overflows attempt (browser-firefox.rules)
 * 1:16038 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Thunderbird WYSIWYG engine filtering IFRAME JavaScript execution attempt (browser-firefox.rules)
 * 1:16039 <-> DISABLED <-> SERVER-OTHER EMC Dantz Retrospect Backup Agent denial of service attempt (server-other.rules)
 * 1:16040 <-> DISABLED <-> SERVER-OTHER SpamAssassin spamd vpopmail and paranoid options code execution attempt (server-other.rules)
 * 1:16041 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime FLIC animation file buffer overflow attempt (file-multimedia.rules)
 * 1:16042 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers CSS moz-binding cross domain scripting attempt (browser-firefox.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox CSS Letter-Spacing overflow attempt (browser-firefox.rules)
 * 1:16045 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:16046 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia file format processing heap corruption attempt (file-multimedia.rules)
 * 1:16047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox layout frame constructor memory corruption attempt (browser-firefox.rules)
 * 1:16048 <-> DISABLED <-> SERVER-OTHER Microsoft ASP.NET application folder info disclosure attempt (server-other.rules)
 * 1:16049 <-> DISABLED <-> SERVER-OTHER GNU Radius SQL accounting format string exploit attempt (server-other.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16052 <-> DISABLED <-> SERVER-OTHER Novell iManager Tree parameter denial of service attempt (server-other.rules)
 * 1:16053 <-> DISABLED <-> FILE-OTHER GNU tar PAX extended headers handling overflow attempt (file-other.rules)
 * 1:16054 <-> DISABLED <-> FILE-IMAGE Apple QuickTime bitmap multiple header overflow (file-image.rules)
 * 1:16055 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes AAC file handling integer overflow attempt (file-multimedia.rules)
 * 1:16056 <-> DISABLED <-> SERVER-WEBAPP Symantec Scan Engine authentication bypass attempt (server-webapp.rules)
 * 1:16060 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino LDAP server memory exception attempt (server-other.rules)
 * 1:16061 <-> DISABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16063 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isindex buffer overflow attempt (browser-ie.rules)
 * 1:16064 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (browser-ie.rules)
 * 1:16065 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer location.replace memory corruption attempt (browser-ie.rules)
 * 1:16067 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16069 <-> DISABLED <-> SERVER-OTHER IBM Informix server argument processing overflow attempt (server-other.rules)
 * 1:16070 <-> DISABLED <-> FILE-OTHER X.org PCF parsing buffer overflow attempt (file-other.rules)
 * 1:16071 <-> DISABLED <-> SERVER-OTHER CA ARCServe Backup Discovery Service denial of service attempt (server-other.rules)
 * 1:16072 <-> DISABLED <-> SERVER-OTHER CUPS server query metacharacter buffer overflow attempt (server-other.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16076 <-> DISABLED <-> SERVER-OTHER Tripwire format string vulnerability nfs exploit attempt (server-other.rules)
 * 1:16077 <-> DISABLED <-> SERVER-OTHER Tripwire format string vulnerability ftp exploit attempt (server-other.rules)
 * 1:16079 <-> DISABLED <-> SERVER-WEBAPP uselang code injection (server-webapp.rules)
 * 1:16080 <-> DISABLED <-> SERVER-OTHER KAME racoon X509 certificate verification bypass attempt (server-other.rules)
 * 1:16087 <-> DISABLED <-> FILE-OTHER Multiple vendor AV gateway virus detection bypass attempt (file-other.rules)
 * 1:16089 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:16090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Core XML core services XMLHTTP control open method code execution attempt (browser-plugins.rules)
 * 1:16091 <-> DISABLED <-> SERVER-OTHER Macromedia Flash Media Server administration service denial of service attempt (server-other.rules)
 * 1:16142 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox PKCS11 module installation code execution attempt (browser-firefox.rules)
 * 1:16143 <-> DISABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16145 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:16147 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS malformed URL .dll denial of service attempt (server-iis.rules)
 * 1:16148 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime and iTunes heap memory corruption attempt (file-multimedia.rules)
 * 1:16149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:16151 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized or deleted object access attempt (browser-ie.rules)
 * 1:16152 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer table layout unitialized or deleted object access attempt (browser-ie.rules)
 * 1:16157 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed ASF voice codec memory corruption attempt (os-windows.rules)
 * 1:16159 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (browser-plugins.rules)
 * 1:16161 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (browser-plugins.rules)
 * 1:16163 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (browser-plugins.rules)
 * 1:16165 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (browser-plugins.rules)
 * 1:16168 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 integer overflow denial of service attempt (os-windows.rules)
 * 1:16169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:16172 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D line set heap corruption attempt (file-pdf.rules)
 * 1:16173 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (file-pdf.rules)
 * 1:16174 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (file-pdf.rules)
 * 1:16175 <-> DISABLED <-> FILE-PDF Adobe collab.removeStateModel denial of service attempt (file-pdf.rules)
 * 1:16176 <-> DISABLED <-> FILE-PDF Adobe collab.addStateModel remote corruption attempt (file-pdf.rules)
 * 1:16177 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16178 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16181 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI ASN.1 integer overflow attempt (os-windows.rules)
 * 1:16183 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET MSIL CombineImpl suspicious usage attempt (file-executable.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ compressed TIFF file parsing remote code execution attempt (os-windows.rules)
 * 1:16186 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt (file-image.rules)
 * 1:16187 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:16189 <-> DISABLED <-> SERVER-ORACLE Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL injection attempt (server-oracle.rules)
 * 1:16190 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server property_box.php command injection attempt (server-oracle.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16192 <-> DISABLED <-> SERVER-ORACLE Secure Backup Administration server authentication bypass attempt (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16195 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16197 <-> DISABLED <-> SERVER-OTHER OpenLDAP ber_get_next BER decoding denial of service attempt (server-other.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16199 <-> DISABLED <-> SERVER-MAIL SpamAssassin long message header denial of service attempt (server-mail.rules)
 * 1:16200 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox command line URL shell command injection attempt (browser-firefox.rules)
 * 1:16201 <-> DISABLED <-> SERVER-MAIL Ipswitch Collaboration Suite SMTP format string exploit attempt (server-mail.rules)
 * 1:16204 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager ovlaunch host field overflow attempt (server-other.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS server spoofing attempt (os-windows.rules)
 * 1:16207 <-> DISABLED <-> SERVER-WEBAPP MIT Kerberos V% KAdminD klog_vsyslog server overflow attempt (server-webapp.rules)
 * 1:16208 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server Distributed Management Objects overflow attempt (server-mssql.rules)
 * 1:16209 <-> DISABLED <-> SERVER-OTHER FreeRADIUS RADIUS server rad_decode remote denial of service attempt (server-other.rules)
 * 1:16214 <-> DISABLED <-> SERVER-OTHER Squid Proxy invalid HTTP response code denial of service attempt (server-other.rules)
 * 1:16215 <-> DISABLED <-> SERVER-ORACLE Oracle Application Server Portal cross site scripting attempt (server-oracle.rules)
 * 1:16216 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager for OS deployment HTTP server buffer attempt (server-other.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow (server-other.rules)
 * 1:16220 <-> DISABLED <-> FILE-OTHER Adobe Shockwave director file malformed lcsr block memory corruption attempt (file-other.rules)
 * 1:16223 <-> DISABLED <-> FILE-OTHER Adobe Shockwave tSAC pointer overwrite attempt (file-other.rules)
 * 1:16225 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash arbitrary memory access attempt (file-other.rules)
 * 1:16226 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (file-office.rules)
 * 1:16229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel oversized ib memory corruption attempt (file-office.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel oversized ptgFuncVar cparams value buffer overflow attempt (file-office.rules)
 * 1:16234 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16235 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SXDB record exploit attempt (file-office.rules)
 * 1:16236 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (file-office.rules)
 * 1:16238 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:16239 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:16240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file Window/Pane record exploit attempt (file-office.rules)
 * 1:16241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FeatHdr BIFF record remote code execution attempt (file-office.rules)
 * 1:16281 <-> DISABLED <-> PUA-P2P BitTorrent scrape request (pua-p2p.rules)
 * 1:16284 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:16285 <-> DISABLED <-> PROTOCOL-RPC AIX ttdbserv function 15 buffer overflow attempt (protocol-rpc.rules)
 * 1:16287 <-> DISABLED <-> OS-WINDOWS SMB Negotiate Protocol response DoS attempt (os-windows.rules)
 * 1:16288 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (file-java.rules)
 * 1:16290 <-> DISABLED <-> SERVER-ORACLE Oracle database server CREATE_TABLES SQL injection attempt (server-oracle.rules)
 * 1:16291 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Network Security Services regexp heap overflow attempt (browser-firefox.rules)
 * 1:16293 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash memory corruption attempt (file-other.rules)
 * 1:16295 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - without optional fields (file-other.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16305 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access (browser-plugins.rules)
 * 1:16307 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX function call access (browser-plugins.rules)
 * 1:16309 <-> DISABLED <-> SERVER-ORACLE auth_sesskey buffer overflow attempt (server-oracle.rules)
 * 1:1631 <-> DISABLED <-> POLICY-SOCIAL AIM login (policy-social.rules)
 * 1:16310 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16311 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16312 <-> DISABLED <-> SERVER-IIS ADFS custom header arbitrary code execution attempt  (server-iis.rules)
 * 1:16314 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad and Office text converter integer overflow attempt (file-office.rules)
 * 1:16316 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed getPropertyLate actioncode attempt (file-flash.rules)
 * 1:16317 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mouse move during refresh memory corruption attempt (browser-ie.rules)
 * 1:16318 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:16319 <-> DISABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat attempt (browser-ie.rules)
 * 1:16321 <-> DISABLED <-> FILE-IMAGE Adobe tiff oversized image length attempt (file-image.rules)
 * 1:16322 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader oversized object width attempt (file-pdf.rules)
 * 1:16323 <-> DISABLED <-> FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16324 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader doc.export arbitrary file write attempt (file-pdf.rules)
 * 1:16325 <-> DISABLED <-> FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16327 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt (os-windows.rules)
 * 1:16328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (file-office.rules)
 * 1:16333 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16334 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16335 <-> DISABLED <-> FILE-PDF XPDF ObjectStream integer overflow (file-pdf.rules)
 * 1:16339 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt - obfuscated (browser-ie.rules)
 * 1:16340 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:16341 <-> DISABLED <-> SERVER-OTHER IBM DB2 Database Server invalid data stream denial of service attempt (server-other.rules)
 * 1:16342 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:16344 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox top-level script object offset calculation memory corruption attempt (browser-firefox.rules)
 * 1:16345 <-> DISABLED <-> FILE-OTHER IBM Informix Client SDK NFX file HostList processing stack buffer overflow attempt (file-other.rules)
 * 1:16346 <-> DISABLED <-> FILE-OTHER IBM Informix Client SDK NFX file InformixServerList processing stack buffer overflow attempt (file-other.rules)
 * 1:16347 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (browser-firefox.rules)
 * 1:16348 <-> DISABLED <-> SERVER-MYSQL database PROCEDURE ANALYSE denial of service attempt - 1 (server-mysql.rules)
 * 1:16349 <-> DISABLED <-> SERVER-MYSQL database Procedure Analyse denial of service attempt - 2 (server-mysql.rules)
 * 1:16352 <-> DISABLED <-> OS-LINUX Linux Kernel NFSD Subsystem overflow attempt (os-linux.rules)
 * 1:16353 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules)
 * 1:16354 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader start-of-file alternate header obfuscation (file-pdf.rules)
 * 1:16355 <-> DISABLED <-> FILE-PDF Xpdf Splash DrawImage integer overflow attempt (file-pdf.rules)
 * 1:16356 <-> DISABLED <-> SERVER-IIS multiple extension code execution attempt (server-iis.rules)
 * 1:16357 <-> DISABLED <-> PROTOCOL-FTP multiple extension code execution attempt (protocol-ftp.rules)
 * 1:16359 <-> DISABLED <-> FILE-OTHER Adobe Illustrator DSC comment overflow attempt (file-other.rules)
 * 1:16360 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:16361 <-> DISABLED <-> FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (file-office.rules)
 * 1:16362 <-> ENABLED <-> MALWARE-CNC SpyForms malware call home (malware-cnc.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (pua-adware.rules)
 * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (browser-ie.rules)
 * 1:16373 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:16376 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onPropertyChange deleteTable memory corruption attempt (browser-ie.rules)
 * 1:16377 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules)
 * 1:16379 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui sapirrfc ActiveX clsid access (browser-plugins.rules)
 * 1:16383 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:16384 <-> DISABLED <-> SERVER-OTHER VMware Server ISAPI Extension remote denial of service attempt (server-other.rules)
 * 1:16385 <-> DISABLED <-> SERVER-MYSQL yaSSL library cert parsing stack overflow attempt (server-mysql.rules)
 * 1:16390 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader alternate file magic obfuscation (file-pdf.rules)
 * 1:16392 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0u7 authorization digest heap overflow (server-webapp.rules)
 * 1:16409 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:16410 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules)
 * 1:16414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules)
 * 1:16417 <-> DISABLED <-> OS-WINDOWS SMB Negotiate Protocol Response overflow attempt (os-windows.rules)
 * 1:16423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect attempt (browser-ie.rules)
 * 1:16424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Script Host Shell Object ActiveX clsid access (browser-plugins.rules)
 * 1:16429 <-> DISABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - GET request (server-webapp.rules)
 * 1:16430 <-> DISABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - POST request (server-webapp.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16437 <-> DISABLED <-> SERVER-OTHER CVS Entry line flag remote heap overflow attempt (server-other.rules)
 * 1:16438 <-> DISABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules)
 * 1:16444 <-> DISABLED <-> SERVER-OTHER HP StorageWorks storage mirroring double take service code execution attempt (server-other.rules)
 * 1:16445 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk IAX2 ack response denial of service attempt (protocol-voip.rules)
 * 1:16452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer .hlp samba share download attempt (browser-ie.rules)
 * 1:16454 <-> DISABLED <-> OS-WINDOWS SMB Negotiate Protocol response DoS attempt - empty SMB 2 (os-windows.rules)
 * 1:16462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16463 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules)
 * 1:16467 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (file-office.rules)
 * 1:16468 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (file-office.rules)
 * 1:16469 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules)
 * 1:16470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16473 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16474 <-> DISABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16479 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt - public shell code (server-apache.rules)
 * 1:16480 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:16481 <-> DISABLED <-> BROWSER-OTHER Opera Content-Length header integer overflow attempt (browser-other.rules)
 * 1:16482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:16490 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (pua-adware.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (pua-adware.rules)
 * 1:16501 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (browser-firefox.rules)
 * 1:16502 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules)
 * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules)
 * 1:16510 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules)
 * 1:16511 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules)
 * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules)
 * 1:16514 <-> DISABLED <-> PUA-OTHER Trillian AIM XML tag handling heap buffer overflow attempt (pua-other.rules)
 * 1:16516 <-> DISABLED <-> SERVER-ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt (server-oracle.rules)
 * 1:16517 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:16518 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:16519 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:16520 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:16522 <-> DISABLED <-> SERVER-OTHER Novell QuickFinder server cross-site-scripting attempt (server-other.rules)
 * 1:16523 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:16524 <-> DISABLED <-> PROTOCOL-FTP ProFTPD username sql injection attempt (protocol-ftp.rules)
 * 1:16525 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web login attempt (policy-social.rules)
 * 1:16535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio improper attribute code execution attempt (file-office.rules)
 * 1:16536 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio off-by-one in array index code execution attempt (file-office.rules)
 * 1:16537 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules)
 * 1:16538 <-> DISABLED <-> NETBIOS NT QUERY SECURITY DESC flowbit (netbios.rules)
 * 1:16539 <-> DISABLED <-> OS-WINDOWS SMBv1 BytesNeeded ring0 buffer overflow attempt (os-windows.rules)
 * 1:16540 <-> DISABLED <-> OS-WINDOWS SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:16541 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules)
 * 1:16543 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules)
 * 1:16546 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules)
 * 1:16549 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (file-other.rules)
 * 1:16550 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (file-other.rules)
 * 1:16552 <-> DISABLED <-> FILE-IDENTIFY Adobe .pfb file download request (file-identify.rules)
 * 1:16553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ptg index parsing code execution attempt (file-office.rules)
 * 1:16554 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:16555 <-> DISABLED <-> SERVER-WEBAPP HP Openview Network Node Manager OvAcceptLang overflow attempt (server-webapp.rules)
 * 1:16560 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint XSS attempt (server-webapp.rules)
 * 1:16565 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office Control ActiveX clsid access (browser-plugins.rules)
 * 1:16568 <-> DISABLED <-> BROWSER-PLUGINS Altnet Download Manager ADM4 ActiveX clsid access (browser-plugins.rules)
 * 1:16569 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX clsid access (browser-plugins.rules)
 * 1:16571 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX function call access (browser-plugins.rules)
 * 1:16573 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via unescape (browser-plugins.rules)
 * 1:16574 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via fromCharCode (browser-plugins.rules)
 * 1:16575 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:16576 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (server-other.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16580 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access via object tag (browser-plugins.rules)
 * 1:16582 <-> DISABLED <-> FILE-OTHER Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (file-other.rules)
 * 1:16584 <-> DISABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules)
 * 1:16586 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16587 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities buffer overflow attempt (file-other.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16589 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:16590 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX exploit attempt (browser-plugins.rules)
 * 1:16592 <-> DISABLED <-> BROWSER-OTHER Opera asynchronous document modifications attempted memory corruption (browser-other.rules)
 * 1:16593 <-> DISABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules)
 * 1:16595 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail remote code execution attempt (server-mail.rules)
 * 1:16597 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent Email address processing buffer overflow attempt (server-mail.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (server-other.rules)
 * 1:16599 <-> DISABLED <-> BROWSER-PLUGINS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16604 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:16605 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested SPAN tag memory corruption attempt (browser-ie.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16608 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX control access attempt (browser-plugins.rules)
 * 1:16609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (browser-plugins.rules)
 * 1:1661 <-> DISABLED <-> SERVER-IIS cmd32.exe access (server-iis.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16611 <-> DISABLED <-> SERVER-APACHE Apache 413 error HTTP request method cross-site scripting attack (server-apache.rules)
 * 1:16613 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - cmd (indicator-compromise.rules)
 * 1:16614 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - search (indicator-compromise.rules)
 * 1:16615 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - upload (indicator-compromise.rules)
 * 1:16616 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - about (indicator-compromise.rules)
 * 1:16617 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - encoder (indicator-compromise.rules)
 * 1:16618 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - bind (indicator-compromise.rules)
 * 1:16619 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ps_aux (indicator-compromise.rules)
 * 1:16620 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (indicator-compromise.rules)
 * 1:16621 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - security (indicator-compromise.rules)
 * 1:16622 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - sql (indicator-compromise.rules)
 * 1:16623 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - eval (indicator-compromise.rules)
 * 1:16624 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - feedback (indicator-compromise.rules)
 * 1:16625 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - selfremove (indicator-compromise.rules)
 * 1:16626 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - fsbuff (indicator-compromise.rules)
 * 1:16627 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ls (indicator-compromise.rules)
 * 1:16628 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - phpinfo (indicator-compromise.rules)
 * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules)
 * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules)
 * 1:16633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:16634 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt  (os-windows.rules)
 * 1:16637 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer security zone restriction bypass attempt (browser-ie.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:16640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:16641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:16643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules)
 * 1:16644 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:16645 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:16646 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:16647 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules)
 * 1:16648 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules)
 * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules)
 * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules)
 * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules)
 * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules)
 * 1:16654 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules)
 * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules)
 * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules)
 * 1:16659 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:16660 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint Server 2007 help.aspx denial of service attempt (server-webapp.rules)
 * 1:16661 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:16664 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16666 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari window.parent.close unspecified remote code execution vulnerability (browser-webkit.rules)
 * 1:16667 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt - 1 (browser-chrome.rules)
 * 1:16668 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt - 2 (browser-chrome.rules)
 * 1:16671 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access ActiveX exploit attempt (browser-plugins.rules)
 * 1:16672 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16674 <-> ENABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:16675 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX control access (browser-plugins.rules)
 * 1:16676 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16677 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16678 <-> DISABLED <-> SERVER-WEBAPP Tandberg VCS local file disclosure attempt (server-webapp.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:16681 <-> DISABLED <-> SERVER-WEBAPP Basic Authorization string overflow attempt (server-webapp.rules)
 * 1:16682 <-> DISABLED <-> SERVER-WEBAPP Oracle ONE Web Server JSP source code disclosure attempt (server-webapp.rules)
 * 1:16683 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp CAF file processing integer overflow attempt (file-multimedia.rules)
 * 1:16685 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Client dsmagent.exe NodeName length buffer overflow attempt (server-other.rules)
 * 1:16686 <-> DISABLED <-> SERVER-OTHER IBM WebSphere application server cross site scripting attempt (server-other.rules)
 * 1:16687 <-> DISABLED <-> BROWSER-PLUGINS Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (server-other.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16694 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SETUP request denial of service attempt (server-other.rules)
 * 1:16695 <-> ENABLED <-> MALWARE-CNC Rogue AV download/update (malware-cnc.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (file-other.rules)
 * 1:16699 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v2 udp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16700 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16701 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v3 udp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16702 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v3 tcp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16703 <-> DISABLED <-> SERVER-MYSQL Database COM_FIELD_LIST Buffer Overflow attempt (server-mysql.rules)
 * 1:16705 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind UDP array size buffer overflow attempt (protocol-rpc.rules)
 * 1:16706 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind TCP array size buffer overflow attempt (protocol-rpc.rules)
 * 1:16707 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_CREATE_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16708 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_DROP_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16709 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETERS empty DataConvertBuffer header denial of service attempt (server-other.rules)
 * 1:16710 <-> DISABLED <-> SERVER-OTHER Oracle BEA Weblogic server console-help.portal cross-site scripting attempt (server-other.rules)
 * 1:16711 <-> DISABLED <-> BROWSER-PLUGINS E-Book Systems FlipViewer FlipViewerX.dll activex clsid access ActiveX clsid access (browser-plugins.rules)
 * 1:16712 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - GET (server-webapp.rules)
 * 1:16713 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - POST (server-webapp.rules)
 * 1:16714 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX Control access attempt (browser-plugins.rules)
 * 1:16715 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX control exploit attempt (browser-plugins.rules)
 * 1:16716 <-> DISABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen PNG processing buffer overflow attempt (file-image.rules)
 * 1:16717 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Enterprise Search search_p_groups cross-site scripting attempt (server-oracle.rules)
 * 1:16718 <-> DISABLED <-> PUA-OTHER Skype URI handler input validation exploit attempt (pua-other.rules)
 * 1:16719 <-> DISABLED <-> FILE-OTHER CA multiple product AV engine CAB header parsing stack overflow attempt (file-other.rules)
 * 1:16720 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player TY processing buffer overflow attempt (file-multimedia.rules)
 * 1:16721 <-> DISABLED <-> FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (file-other.rules)
 * 1:16722 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:16723 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.ALTER_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:16725 <-> DISABLED <-> BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (browser-plugins.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:16729 <-> DISABLED <-> BROWSER-PLUGINS McAfee Remediation client ActiveX control access attempt (browser-plugins.rules)
 * 1:16730 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (file-other.rules)
 * 1:16734 <-> DISABLED <-> FILE-OTHER UltraISO CUE file handling stack buffer overflow attempt (file-other.rules)
 * 1:16735 <-> DISABLED <-> FILE-OTHER URSoft W32Dasm Import/Export function buffer overflow attempt (file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (file-other.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (file-multimedia.rules)
 * 1:16740 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (browser-plugins.rules)
 * 1:16745 <-> DISABLED <-> BROWSER-PLUGINS DjVu ActiveX control access attempt (browser-plugins.rules)
 * 1:16746 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX clsid access (browser-plugins.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:16754 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16759 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16760 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16761 <-> DISABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16763 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX attempt (netbios.rules)
 * 1:16765 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode attempt (netbios.rules)
 * 1:16771 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules)
 * 1:16772 <-> ENABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules)
 * 1:16774 <-> ENABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules)
 * 1:16776 <-> ENABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (browser-plugins.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16779 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX clsid access (browser-plugins.rules)
 * 1:16781 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX function call access (browser-plugins.rules)
 * 1:16783 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (browser-plugins.rules)
 * 1:16784 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX function call access (browser-plugins.rules)
 * 1:16785 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (browser-plugins.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (file-other.rules)
 * 1:16788 <-> DISABLED <-> SERVER-OTHER RealVNC VNC Server ClientCutText message memory corruption attempt (server-other.rules)
 * 1:16789 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX object access attempt (browser-plugins.rules)
 * 1:16790 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16791 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX clsid access (browser-plugins.rules)
 * 1:16793 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX function call access (browser-plugins.rules)
 * 1:16796 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind UDP data length integer overflow attempt (protocol-rpc.rules)
 * 1:16797 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind TCP data length integer overflow attempt (protocol-rpc.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:16799 <-> DISABLED <-> SERVER-MAIL Eureka Mail 2.2q server error response overflow attempt (server-mail.rules)
 * 1:16800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:16801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules)
 * 1:16802 <-> DISABLED <-> BROWSER-PLUGINS WinDVD IASystemInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17034 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt  (file-office.rules)
 * 1:17035 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt  (file-office.rules)
 * 1:17036 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt  (file-office.rules)
 * 1:17038 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules)
 * 1:17039 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules)
 * 1:17042 <-> DISABLED <-> FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (file-other.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17051 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access (browser-plugins.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid unicode access (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX function call access (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX function call unicode access (browser-plugins.rules)
 * 1:17055 <-> DISABLED <-> SERVER-ORACLE Oracle Database DBMS TNS Listener denial of service attempt (server-oracle.rules)
 * 1:17056 <-> DISABLED <-> NETBIOS Novell NetIdentity Agent XTIERRPCPIPE remote code execution attempt (netbios.rules)
 * 1:17057 <-> DISABLED <-> NETBIOS Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (netbios.rules)
 * 1:17059 <-> DISABLED <-> PROTOCOL-FTP Vermillion 1.31 vftpd port command memory corruption (protocol-ftp.rules)
 * 1:17060 <-> DISABLED <-> BROWSER-PLUGINS Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17061 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Personal Firewall 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:17063 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17065 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17067 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 3 ActiveX clsid access (browser-plugins.rules)
 * 1:17069 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 4 ActiveX clsid access (browser-plugins.rules)
 * 1:17071 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 5 ActiveX clsid access (browser-plugins.rules)
 * 1:17073 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:17075 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (browser-plugins.rules)
 * 1:17077 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17078 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX clsid access (browser-plugins.rules)
 * 1:17080 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX function call access (browser-plugins.rules)
 * 1:17082 <-> DISABLED <-> BROWSER-PLUGINS SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:17084 <-> DISABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine ActiveX clsid access (browser-plugins.rules)
 * 1:17086 <-> DISABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control access attempt (browser-plugins.rules)
 * 1:17087 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:17089 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:17091 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (browser-plugins.rules)
 * 1:17092 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17094 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call access (browser-plugins.rules)
 * 1:17096 <-> DISABLED <-> BROWSER-PLUGINS AOL WinAmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17098 <-> DISABLED <-> BROWSER-PLUGINS AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (browser-plugins.rules)
 * 1:17099 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17101 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (browser-plugins.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17104 <-> DISABLED <-> FILE-OTHER FeedDemon OPML file handling buffer overflow attempt (file-other.rules)
 * 1:17105 <-> DISABLED <-> FILE-OTHER FeedDemon unicode OPML file handling buffer overflow attempt (file-other.rules)
 * 1:17106 <-> ENABLED <-> FILE-IDENTIFY download of RMF file - potentially malicious (file-identify.rules)
 * 1:17109 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Console logging functionality format string exploit attempt (server-oracle.rules)
 * 1:17111 <-> DISABLED <-> INDICATOR-OBFUSCATION known JavaScript obfuscation routine (indicator-obfuscation.rules)
 * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules)
 * 1:17117 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules)
 * 1:17119 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules)
 * 1:17120 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:17121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:17122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:17123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules)
 * 1:17124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed table record memory corruption attempt (file-office.rules)
 * 1:17128 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:17129 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use-after-free memory corruption attempt (browser-ie.rules)
 * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution (browser-ie.rules)
 * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules)
 * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:17135 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:17136 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules)
 * 1:17137 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules)
 * 1:17138 <-> DISABLED <-> SERVER-OTHER iSCSI target multiple implementations iSNS stack buffer overflow attempt (server-other.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (server-other.rules)
 * 1:17140 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:17141 <-> DISABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules)
 * 1:17142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:17148 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 1 (file-multimedia.rules)
 * 1:17149 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 2 (file-multimedia.rules)
 * 1:17150 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 3 (file-multimedia.rules)
 * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules)
 * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules)
 * 1:17156 <-> DISABLED <-> SERVER-APACHE HP Performance Manager Apache Tomcat policy bypass attempt (server-apache.rules)
 * 1:17157 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 1 (server-webapp.rules)
 * 1:17158 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 2 (server-webapp.rules)
 * 1:17159 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 3 (server-webapp.rules)
 * 1:17160 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (browser-plugins.rules)
 * 1:17161 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX clsid access (browser-plugins.rules)
 * 1:17163 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX function call access (browser-plugins.rules)
 * 1:17166 <-> DISABLED <-> BROWSER-FIREFOX Mozilla multiple products JavaScript string replace buffer overflow attempt (browser-firefox.rules)
 * 1:17179 <-> DISABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules)
 * 1:17180 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17181 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17182 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17183 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17184 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17185 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17186 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17187 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17188 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17189 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17190 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17191 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17192 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17193 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17194 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules)
 * 1:17196 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17197 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17198 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17200 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules)
 * 1:17202 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:17204 <-> DISABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules)
 * 1:17205 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (protocol-rpc.rules)
 * 1:17206 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (protocol-rpc.rules)
 * 1:17207 <-> DISABLED <-> SERVER-OTHER IBM Cognos Server backdoor account remote code execution attempt (server-other.rules)
 * 1:17208 <-> DISABLED <-> SERVER-OTHER Squid Proxy HTCP packet processing denial of service attempt (server-other.rules)
 * 1:17211 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (file-multimedia.rules)
 * 1:17212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript eval arbitrary code execution attempt (browser-firefox.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17215 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17219 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17225 <-> DISABLED <-> SERVER-OTHER Alt-N MDaemon WorldClient invalid user (server-other.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17229 <-> DISABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:17233 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:17235 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm download (malware-cnc.rules)
 * 1:17236 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (browser-firefox.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17241 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17244 <-> DISABLED <-> FILE-OTHER Antivirus ACE file handling buffer overflow attempt (file-other.rules)
 * 1:17245 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox image dragging exploit attempt (browser-firefox.rules)
 * 1:17249 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LSASS integer overflow attempt (os-windows.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules)
 * 1:17254 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:17257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules)
 * 1:17258 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XUL tree element code execution attempt (browser-firefox.rules)
 * 1:17260 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (browser-firefox.rules)
 * 1:17261 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17264 <-> DISABLED <-> SERVER-ORACLE Permission declaration exploit attempt (server-oracle.rules)
 * 1:17265 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin access control bypass attempt (browser-firefox.rules)
 * 1:17266 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17267 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17268 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox sidebar panel arbitrary code execution attempt (browser-firefox.rules)
 * 1:17270 <-> DISABLED <-> SERVER-ORACLE DBMS_METADATA Package SQL Injection attempt (server-oracle.rules)
 * 1:17271 <-> DISABLED <-> FILE-OFFICE Microsoft Windows Web View script injection attempt (file-office.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17273 <-> DISABLED <-> SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (server-other.rules)
 * 1:17274 <-> DISABLED <-> SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (server-other.rules)
 * 1:17275 <-> DISABLED <-> SERVER-MAIL Symantec Brightmail AntiSpam nested Zip handling denial of service attempt (server-mail.rules)
 * 1:17277 <-> DISABLED <-> FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (file-other.rules)
 * 1:17278 <-> DISABLED <-> FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (file-other.rules)
 * 1:17279 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17281 <-> DISABLED <-> FILE-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (file-other.rules)
 * 1:17284 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed routing slip code execution attempt (file-office.rules)
 * 1:17285 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PPT file parsing memory corruption attempt (file-office.rules)
 * 1:17286 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic for Applications document properties overflow attempt (file-other.rules)
 * 1:17288 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:17289 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:17291 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded uri data object found (indicator-obfuscation.rules)
 * 1:17292 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed data record code execution attempt (file-office.rules)
 * 1:17293 <-> DISABLED <-> SERVER-ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt (server-oracle.rules)
 * 1:17295 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan Console authentication buffer overflow attempt (server-webapp.rules)
 * 1:17296 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office Outlook Web Access XSRF attempt (server-webapp.rules)
 * 1:17297 <-> DISABLED <-> SERVER-OTHER McAfee VirusScan on-access scanner long unicode filename handling buffer overflow attempt (server-other.rules)
 * 1:17299 <-> DISABLED <-> SERVER-OTHER ISC BIND RRSIG query denial of service attempt (server-other.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17304 <-> DISABLED <-> FILE-OFFICE Microsoft Works file converter file section header index table stack overflow attempt (file-office.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:17305 <-> DISABLED <-> FILE-OTHER ClamAV libclamav PE file handling integer overflow attempt (file-other.rules)
 * 1:17306 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine file processing denial of service attempt (os-windows.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17310 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17315 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE file stream buffer overflow attempt (file-office.rules)
 * 1:17316 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Folder GUID Code Execution attempt (os-windows.rules)
 * 1:17318 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17319 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17320 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17321 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt (netbios.rules)
 * 1:17322 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder (indicator-shellcode.rules)
 * 1:17323 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder unescaped (indicator-shellcode.rules)
 * 1:17324 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Linux reverse connect shellcode (indicator-shellcode.rules)
 * 1:17325 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case decoder variant (indicator-shellcode.rules)
 * 1:17327 <-> DISABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17328 <-> DISABLED <-> SERVER-MAIL Qualcomm WorldMail IMAP Literal Token Parsing Buffer Overflow (server-mail.rules)
 * 1:17330 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GRE WMF Handling Memory Read Exception attempt (file-image.rules)
 * 1:17331 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes HTML Speed Reader Long URL buffer overflow attempt (server-mail.rules)
 * 1:17332 <-> DISABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17334 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer SWF Flash File buffer overflow attempt (file-flash.rules)
 * 1:17335 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip byte xor decoder (indicator-shellcode.rules)
 * 1:17336 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic call geteip byte xor decoder (indicator-shellcode.rules)
 * 1:17337 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Microsoft Win32 export table enumeration variant (indicator-shellcode.rules)
 * 1:17338 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Microsoft Windows 32-bit SEH get EIP technique (indicator-shellcode.rules)
 * 1:17339 <-> DISABLED <-> INDICATOR-SHELLCODE x86 generic OS alpha numeric mixed case decoder (indicator-shellcode.rules)
 * 1:17340 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case decoder (indicator-shellcode.rules)
 * 1:17341 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha UTF8 tolower avoidance decoder (indicator-shellcode.rules)
 * 1:17342 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode mixed case decoder (indicator-shellcode.rules)
 * 1:17343 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode upper case decoder (indicator-shellcode.rules)
 * 1:17344 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic xor dword decoder (indicator-shellcode.rules)
 * 1:17345 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic dword additive feedback decoder (indicator-shellcode.rules)
 * 1:17346 <-> DISABLED <-> SERVER-OTHER IBM Lotus Notes Cross Site Scripting attempt (server-other.rules)
 * 1:17347 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17350 <-> DISABLED <-> SERVER-ORACLE Application Server Forms Arbitrary System Command Execution Attempt (server-oracle.rules)
 * 1:17351 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp ID3v2 Tag Handling Buffer Overflow attempt (file-other.rules)
 * 1:17357 <-> DISABLED <-> PUA-OTHER AOL GAIM AIM-ICQ Protocol Handling buffer overflow attempt (pua-other.rules)
 * 1:17359 <-> DISABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17360 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:17361 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (file-pdf.rules)
 * 1:17362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel IMDATA buffer overflow attempt (file-office.rules)
 * 1:17363 <-> DISABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption (file-other.rules)
 * 1:17365 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help Workshop CNT Help contents buffer overflow attempt (file-other.rules)
 * 1:17366 <-> DISABLED <-> FILE-OTHER Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt (file-other.rules)
 * 1:17368 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document stream handling code execution attempt (file-office.rules)
 * 1:17369 <-> DISABLED <-> SERVER-MAIL MailEnable service APPEND command handling buffer overflow attempt (server-mail.rules)
 * 1:17371 <-> DISABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17372 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime udta atom parsing heap overflow vulnerability (file-multimedia.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17376 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Expeditor cai URI handler command execution attempt (server-webapp.rules)
 * 1:17377 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:17378 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17380 <-> DISABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17381 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime PDAT Atom parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17382 <-> DISABLED <-> FILE-OTHER Microsoft Project Invalid Memory Pointer Code Execution attempt (file-other.rules)
 * 1:17383 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Object Handler Validation Code Execution attempted (file-office.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17389 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox DOMNodeRemoved attack attempt (browser-firefox.rules)
 * 1:17390 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:17391 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17392 <-> DISABLED <-> INDICATOR-SHELLCODE JavaScript var shellcode (indicator-shellcode.rules)
 * 1:17393 <-> DISABLED <-> INDICATOR-SHELLCODE JavaScript var heapspray (indicator-shellcode.rules)
 * 1:17395 <-> DISABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (file-image.rules)
 * 1:17396 <-> DISABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17397 <-> DISABLED <-> SERVER-OTHER VNCViewer Authenticate buffer overflow attempt (server-other.rules)
 * 1:17398 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:17399 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:17400 <-> DISABLED <-> INDICATOR-OBFUSCATION rename of javascript unescape function detected (indicator-obfuscation.rules)
 * 1:17401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt - unescaped (browser-ie.rules)
 * 1:17402 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:17403 <-> DISABLED <-> FILE-OFFICE OpenOffice RTF File parsing heap buffer overflow attempt (file-office.rules)
 * 1:17404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX Targa image file heap overflow attempt (os-windows.rules)
 * 1:17409 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products IDN Spoofing Vulnerability Attempt (browser-firefox.rules)
 * 1:17411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDF cross-domain scripting attempt (browser-ie.rules)
 * 1:17412 <-> DISABLED <-> SERVER-MYSQL create function mysql.func arbitrary library injection attempt (server-mysql.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17414 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17416 <-> DISABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17417 <-> DISABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17418 <-> DISABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17419 <-> DISABLED <-> SERVER-ORACLE Oracle database SQL compiler read-only join auth bypass attempt (server-oracle.rules)
 * 1:17420 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt (server-webapp.rules)
 * 1:17421 <-> DISABLED <-> FILE-OFFICE Microsoft OLE automation string manipulation overflow attempt (file-office.rules)
 * 1:17422 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:17423 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Buffer Overflow attempt (server-webapp.rules)
 * 1:17424 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (browser-firefox.rules)
 * 1:17425 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (browser-plugins.rules)
 * 1:17427 <-> DISABLED <-> SERVER-ORACLE Oracle database DBMS_Scheduler privilege escalation attempt (server-oracle.rules)
 * 1:17428 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:17429 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:17430 <-> DISABLED <-> FILE-PDF BitDefender Antivirus PDF processing memory corruption attempt (file-pdf.rules)
 * 1:17431 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS SChannel improper certificate verification (server-iis.rules)
 * 1:17432 <-> DISABLED <-> SERVER-WEBAPP Squid Gopher protocol handling buffer overflow attempt (server-webapp.rules)
 * 1:17434 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Unicode sequence handling stack corruption attempt (browser-firefox.rules)
 * 1:17436 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:17438 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17441 <-> DISABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17442 <-> DISABLED <-> FILE-OTHER Microsoft Windows download of .lnk file that executes cmd.exe detected (file-other.rules)
 * 1:17443 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft DirectShow AVI decoder buffer overflow attempt (file-multimedia.rules)
 * 1:17444 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:17445 <-> DISABLED <-> SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (server-other.rules)
 * 1:17446 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:17449 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks patch management SQL injection attempt (server-webapp.rules)
 * 1:17450 <-> DISABLED <-> SERVER-WEBAPP CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt (server-webapp.rules)
 * 1:17461 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer zipped skin file buffer overflow attempt (file-other.rules)
 * 1:17462 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer marquee object handling memory corruption attempt (browser-ie.rules)
 * 1:17463 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer File Download Dialog Box Manipulation (browser-ie.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17466 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17469 <-> DISABLED <-> FILE-MULTIMEDIA Mplayer Real Demuxer stream_read heap overflow attempt (file-multimedia.rules)
 * 1:17470 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17473 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17481 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange and Outlook TNEF Decoding Integer Overflow attempt (server-mail.rules)
 * 1:17482 <-> DISABLED <-> BROWSER-FIREFOX Mozilla NNTP URL Handling Buffer Overflow attempt (browser-firefox.rules)
 * 1:17485 <-> DISABLED <-> PROTOCOL-DNS Symantec Gateway products DNS cache poisoning attempt (protocol-dns.rules)
 * 1:17486 <-> DISABLED <-> SERVER-WEBAPP Trend Micro Control Manager Chunked overflow attempt (server-webapp.rules)
 * 1:17487 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (browser-ie.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17490 <-> DISABLED <-> FILE-OTHER Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (file-other.rules)
 * 1:17491 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word mso.dll LsCreateLine memory corruption attempt (file-office.rules)
 * 1:17492 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (file-office.rules)
 * 1:17493 <-> DISABLED <-> FILE-OTHER ClamAV UPX FileHandling Heap overflow attempt (file-other.rules)
 * 1:17495 <-> DISABLED <-> SERVER-OTHER Squid proxy DNS response spoofing attempt (server-other.rules)
 * 1:17496 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17497 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17503 <-> DISABLED <-> SERVER-MAIL MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN (server-mail.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17510 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows .NET Deploy file download request (file-identify.rules)
 * 1:17511 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Graphic Code Execution (file-office.rules)
 * 1:17517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:17519 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (browser-firefox.rules)
 * 1:17520 <-> DISABLED <-> SERVER-OTHER CA ARCserve Backup DB Engine Denial of Service (server-other.rules)
 * 1:17522 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow (file-java.rules)
 * 1:17523 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime H.264 Movie File Buffer Overflow (file-multimedia.rules)
 * 1:17525 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 5.0 WebDav Request Directory Security Bypass (server-iis.rules)
 * 1:17526 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow (file-pdf.rules)
 * 1:17527 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (file-multimedia.rules)
 * 1:17528 <-> DISABLED <-> SERVER-WEBAPP nginx URI parsing buffer overflow attempt (server-webapp.rules)
 * 1:17530 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (server-other.rules)
 * 1:17531 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file JVTCompEncodeFrame heap overflow attempt (file-multimedia.rules)
 * 1:17532 <-> DISABLED <-> FILE-OFFICE Micrsoft Office Excel TXO and OBJ Records Parsing Stack Memory Corruption (file-office.rules)
 * 1:17533 <-> DISABLED <-> SERVER-APACHE Apache Struts Information Disclosure Attempt (server-apache.rules)
 * 1:17534 <-> DISABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17535 <-> DISABLED <-> SERVER-OTHER Apple CUPS Text to PostScript Filter Integer Overflow attempt (server-other.rules)
 * 1:17537 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17539 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17541 <-> DISABLED <-> FILE-OTHER Avast Antivirus Engine Remote LHA buffer overflow attempt (file-other.rules)
 * 1:17542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:17544 <-> DISABLED <-> SERVER-OTHER Wireshark LWRES Dissector getaddrsbyname buffer overflow attempt (server-other.rules)
 * 1:17545 <-> DISABLED <-> BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (browser-plugins.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17547 <-> DISABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17548 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL File Handling Integer Overflow attempt (file-multimedia.rules)
 * 1:17549 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Error Handling Code Execution (browser-ie.rules)
 * 1:17550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Font Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17552 <-> DISABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17553 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17554 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:17556 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state memory corruption (server-other.rules)
 * 1:17557 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX operation parameter overflow (browser-plugins.rules)
 * 1:17558 <-> DISABLED <-> FILE-IMAGE CUPS Gif Decoding Routine Buffer Overflow attempt (file-image.rules)
 * 1:17559 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (file-other.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Global Array Index Heap Overflow attempt (file-office.rules)
 * 1:17561 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (file-multimedia.rules)
 * 1:17562 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt (file-java.rules)
 * 1:17563 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (file-java.rules)
 * 1:17564 <-> DISABLED <-> SERVER-IIS WebDAV Request Directory Security Bypass attempt (server-iis.rules)
 * 1:17565 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (file-office.rules)
 * 1:17566 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handler memory corruption attempt (browser-ie.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17571 <-> DISABLED <-> BROWSER-PLUGINS obfuscated instantiation of ActiveX object - likely malicious (browser-plugins.rules)
 * 1:17572 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services cross-site information disclosure attempt (os-windows.rules)
 * 1:17573 <-> DISABLED <-> FILE-MULTIMEDIA ffdshow codec URL parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17574 <-> DISABLED <-> FILE-OFFICE Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS SizerOne 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17577 <-> DISABLED <-> POLICY-OTHER CA BightStor ARCserver Backup possible insecure method access (policy-other.rules)
 * 1:17578 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:17579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Drawing Record msofbtOPT Code Execution attempt (file-office.rules)
 * 1:17580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:17581 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:17582 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus CcErrDisp ActiveX function call access (browser-plugins.rules)
 * 1:17584 <-> DISABLED <-> SERVER-ORACLE UTL_FILE directory traversal attempt (server-oracle.rules)
 * 1:17585 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer possible javascript onunload event memory corruption (browser-ie.rules)
 * 1:17586 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start malicious parameter value (file-java.rules)
 * 1:17587 <-> DISABLED <-> BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (browser-plugins.rules)
 * 1:17588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Install Engine ActiveX clsid access (browser-plugins.rules)
 * 1:17590 <-> DISABLED <-> SERVER-ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (server-oracle.rules)
 * 1:17591 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:17592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MyInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17593 <-> DISABLED <-> BROWSER-PLUGINS Microsoft msdxm.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:17594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft creator.dll 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17595 <-> DISABLED <-> BROWSER-PLUGINS Microsoft creator.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft ciodm.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17597 <-> DISABLED <-> SERVER-WEBAPP TikiWiki jhot.php script file upload attempt (server-webapp.rules)
 * 1:17598 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17600 <-> DISABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17601 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17602 <-> DISABLED <-> FILE-OTHER ClamAV antivirus CHM file handling DOS (file-other.rules)
 * 1:17603 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17604 <-> DISABLED <-> SERVER-OTHER Oracle Java AWT ConvolveOp memory corruption attempt (server-other.rules)
 * 1:17605 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:17606 <-> DISABLED <-> FILE-FLASH Adobe Flash ASnative command execution attempt (file-flash.rules)
 * 1:17607 <-> DISABLED <-> SERVER-OTHER Xi Software Net Transport eDonkey Protocol Buffer Overflow attempt (server-other.rules)
 * 1:17610 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17611 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17612 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17613 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (browser-firefox.rules)
 * 1:17614 <-> DISABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX clsid access (browser-plugins.rules)
 * 1:17616 <-> DISABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX function call access (browser-plugins.rules)
 * 1:17618 <-> DISABLED <-> OS-WINDOWS Microsoft Windows hraphics engine EMF rendering vulnerability (os-windows.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17620 <-> DISABLED <-> SERVER-OTHER Products Discovery Service Buffer Overflow (server-other.rules)
 * 1:17621 <-> DISABLED <-> SERVER-OTHER Products Discovery Service Buffer Overflow (server-other.rules)
 * 1:17622 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object reference memory corruption attempt (browser-ie.rules)
 * 1:17623 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17629 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17630 <-> DISABLED <-> BROWSER-FIREFOX Mozilla multiple products CSSValue array memory corruption attempt (browser-firefox.rules)
 * 1:17631 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:17633 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer SWF frame handling buffer overflow attempt (file-other.rules)
 * 1:17638 <-> DISABLED <-> SERVER-ORACLE Secure Backup administration server login.php cookies command injection attempt (server-oracle.rules)
 * 1:17639 <-> DISABLED <-> SERVER-SAMBA Samba Root File System access bypass attempt (server-samba.rules)
 * 1:17641 <-> DISABLED <-> FILE-PDF CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt (file-pdf.rules)
 * 1:17642 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt (browser-firefox.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS strings parsing memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17649 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word array data handling buffer overflow attempt (file-office.rules)
 * 1:17650 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (file-other.rules)
 * 1:17651 <-> DISABLED <-> FILE-OTHER Multiple AV vendor invalid archive checksum bypass attempt (file-other.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17654 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX exploit attempt (browser-plugins.rules)
 * 1:17655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed formula parsing code execution attempt (file-office.rules)
 * 1:17656 <-> DISABLED <-> SERVER-APACHE Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt (server-apache.rules)
 * 1:17658 <-> DISABLED <-> FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (file-flash.rules)
 * 1:17659 <-> DISABLED <-> SERVER-ORACLE xdb.dbms_xmlschema buffer overflow attempt (server-oracle.rules)
 * 1:17660 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (server-other.rules)
 * 1:17661 <-> DISABLED <-> SERVER-SAMBA Samba send_mailslot buffer overflow attempt (server-samba.rules)
 * 1:17666 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer invalid chunk size heap overflow attempt (file-multimedia.rules)
 * 1:17669 <-> DISABLED <-> SERVER-ORACLE Oracle Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:17670 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX clsid access (browser-plugins.rules)
 * 1:17672 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX function call access (browser-plugins.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17679 <-> DISABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17680 <-> DISABLED <-> SERVER-OTHER ISC BIND DNSSEC Validation Multiple RRsets DoS (server-other.rules)
 * 1:17685 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17686 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17687 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17688 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17689 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17690 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17692 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ExecWB security zone bypass attempt (browser-ie.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17698 <-> DISABLED <-> SERVER-MAIL RealNetworks RealPlayer wav chunk string overflow attempt in email (server-mail.rules)
 * 1:17701 <-> DISABLED <-> BROWSER-PLUGINS Office Viewer ActiveX arbitrary command execution attempt (browser-plugins.rules)
 * 1:17702 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt (os-windows.rules)
 * 1:17703 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup title bar spoofing attempt (browser-ie.rules)
 * 1:17704 <-> DISABLED <-> FILE-OTHER McAfee LHA file parsing buffer overflow attempt (file-other.rules)
 * 1:17709 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:17711 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASF parsing memory corruption attempt (os-windows.rules)
 * 1:17716 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:17717 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes HTML input tag buffer overflow attempt (server-mail.rules)
 * 1:17718 <-> DISABLED <-> SERVER-ORACLE Oracle MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:17719 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:17720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:17721 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:17722 <-> DISABLED <-> SERVER-ORACLE XDB.XDB_PITRIG_PKG buffer overflow attempt (server-oracle.rules)
 * 1:17723 <-> DISABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules)
 * 1:17726 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (browser-ie.rules)
 * 1:17727 <-> DISABLED <-> FILE-OTHER Oracle JDK image parsing library ICC buffer overflow attempt (file-other.rules)
 * 1:17729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:17730 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:17731 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17734 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel REPT integer underflow attempt (file-office.rules)
 * 1:17735 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17738 <-> DISABLED <-> SERVER-OTHER Linux Kernel SNMP Netfilter Memory Corruption attempt (server-other.rules)
 * 1:17739 <-> DISABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17742 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF parsing memory corruption (file-office.rules)
 * 1:17746 <-> DISABLED <-> OS-WINDOWS SMB client TRANS response Find_First2 filename overflow attempt (os-windows.rules)
 * 1:17747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules)
 * 1:17749 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:17753 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player network sharing service RTSP code execution attempt (file-multimedia.rules)
 * 1:17754 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules)
 * 1:17755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules)
 * 1:17756 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules)
 * 1:17757 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules)
 * 1:17758 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:17759 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules)
 * 1:17760 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:17763 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules)
 * 1:17764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:17766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt (browser-ie.rules)
 * 1:17769 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules)
 * 1:17770 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:17771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain information disclosure attempt (browser-ie.rules)
 * 1:17773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules)
 * 1:17774 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS XSRF exploit attempt (browser-ie.rules)
 * 1:17803 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:17804 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:17806 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17807 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:17810 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of server32.exe (indicator-compromise.rules)
 * 1:17811 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of svchost.exe (indicator-compromise.rules)
 * 1:17812 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of iexplore.exe (indicator-compromise.rules)
 * 1:17813 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of iprinp.dll (indicator-compromise.rules)
 * 1:17814 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of winzf32.dll (indicator-compromise.rules)
 * 1:17817 <-> DISABLED <-> SERVER-OTHER Thinkpoint fake antivirus binary download (server-other.rules)
 * 1:1790 <-> DISABLED <-> POLICY-SOCIAL IRC dns response (policy-social.rules)
 * 1:18065 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:18066 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:18067 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (file-office.rules)
 * 1:18068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules)
 * 1:18070 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt  (file-office.rules)
 * 1:18071 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules)
 * 1:18073 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG arbitrary embedded scripting attempt (os-windows.rules)
 * 1:18074 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Forefront UAG URL XSS attempt (os-windows.rules)
 * 1:18076 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG URL XSS alternate attempt (os-windows.rules)
 * 1:18077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:18078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript extension call (file-pdf.rules)
 * 1:18167 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:18168 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:18186 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt (browser-firefox.rules)
 * 1:18187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox InstallTrigger.install memory corruption attempt (browser-firefox.rules)
 * 1:18188 <-> DISABLED <-> BROWSER-FIREFOX Multiple browser marquee tag denial of service attempt (browser-firefox.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18204 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:18205 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules)
 * 1:18206 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:18207 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules)
 * 1:18208 <-> ENABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:18209 <-> ENABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:18212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:18214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules)
 * 1:18216 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules)
 * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules)
 * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules)
 * 1:18219 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver remote code execution attempt (file-other.rules)
 * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18229 <-> DISABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules)
 * 1:18230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:18231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules)
 * 1:18233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules)
 * 1:18236 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules)
 * 1:18237 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules)
 * 1:18238 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint document conversion remote code excution attempt (server-webapp.rules)
 * 1:18239 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:18240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules)
 * 1:18242 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18243 <-> DISABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:18245 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules)
 * 1:18246 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Fax Services Cover Page Editor overflow attempt (os-windows.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:18261 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine String.toSource memory corruption attempt (browser-firefox.rules)
 * 1:18262 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine function arguments memory corruption attempt (browser-firefox.rules)
 * 1:18263 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18264 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18265 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18266 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:18267 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> NETBIOS BrightStor ARCserve backup tape engine buffer overflow attempt (netbios.rules)
 * 1:18286 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products element style change memory corruption code execution attempt (browser-firefox.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18293 <-> DISABLED <-> SERVER-WEBAPP Secure Backup login.php uname variable based command injection attempt (server-webapp.rules)
 * 1:18294 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18295 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18297 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:18299 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer implicit drag and drop file installation attempt (browser-ie.rules)
 * 1:18301 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox GeckoActiveXObject memory corruption attempt (browser-firefox.rules)
 * 1:18302 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox new function garbage collection remote code execution attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18308 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader icc mluc interger overflow attempt (file-pdf.rules)
 * 1:18309 <-> DISABLED <-> OS-WINDOWS Microsoft Vector Markup Language fill method overflow attempt (os-windows.rules)
 * 1:18310 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (file-office.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters unauthorized file upload attempt (server-webapp.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18321 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX clsid access (browser-plugins.rules)
 * 1:18322 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX function call access (browser-plugins.rules)
 * 1:18325 <-> DISABLED <-> BROWSER-PLUGINS Image Viewer CP Gold 6 ActiveX clsid access (browser-plugins.rules)
 * 1:18327 <-> ENABLED <-> PROTOCOL-SCADA Kingview HMI heap overflow attempt (protocol-scada.rules)
 * 1:18329 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:18333 <-> DISABLED <-> SERVER-WEBAPP phpBook date command execution attempt (server-webapp.rules)
 * 1:18334 <-> DISABLED <-> SERVER-WEBAPP phpBook mail command execution attempt (server-webapp.rules)
 * 1:18397 <-> DISABLED <-> SERVER-OTHER HP DDMI Agent spoofing - command execution (server-other.rules)
 * 1:18398 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18399 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BRAI record remote code execution attempt (file-office.rules)
 * 1:18401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules)
 * 1:18403 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer datasrc overflow attempt (browser-ie.rules)
 * 1:18406 <-> DISABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos executable attempt (file-other.rules)
 * 1:18407 <-> DISABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos attempt (file-other.rules)
 * 1:18408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18419 <-> ENABLED <-> FILE-PDF Adobe field flags exploit attempt (file-pdf.rules)
 * 1:1844 <-> DISABLED <-> PROTOCOL-IMAP authenticate overflow attempt (protocol-imap.rules)
 * 1:18447 <-> DISABLED <-> FILE-FLASH Adobe OpenAction crafted URI action thru Firefox attempt (file-flash.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18450 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules)
 * 1:18451 <-> ENABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18454 <-> ENABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18455 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules)
 * 1:18456 <-> DISABLED <-> FILE-PDF Adobe Acrobat XML entity escape attempt (file-pdf.rules)
 * 1:18460 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules)
 * 1:18462 <-> ENABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18463 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:18464 <-> DISABLED <-> SERVER-WEBAPP Adobe ColdFusion locale directory traversal attempt (server-webapp.rules)
 * 1:18470 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via URI (server-webapp.rules)
 * 1:18471 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via POST (server-webapp.rules)
 * 1:18475 <-> DISABLED <-> SERVER-WEBAPP HP Openview OvWebHelp.exe buffer overflow (server-webapp.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:18480 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - userid parameter (server-webapp.rules)
 * 1:18481 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - password parameter (server-webapp.rules)
 * 1:18482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer History.go method double free corruption attempt (browser-ie.rules)
 * 1:18485 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18486 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18490 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:18491 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX ProgID access (browser-plugins.rules)
 * 1:18494 <-> ENABLED <-> OS-WINDOWS Microsoft product .dll dll-load exploit attempt (os-windows.rules)
 * 1:18495 <-> ENABLED <-> OS-WINDOWS Microsoft product .dll dll-load exploit attempt (os-windows.rules)
 * 1:18496 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules)
 * 1:18497 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules)
 * 1:18498 <-> ENABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules)
 * 1:18499 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules)
 * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules)
 * 1:18506 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18508 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit ParentStyleSheet exploit attempt (browser-webkit.rules)
 * 1:18510 <-> DISABLED <-> FILE-IMAGE Apple QuickTime FlashPix Movie file integer overflow attempt (file-image.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18513 <-> DISABLED <-> SERVER-MYSQL yaSSL SSL Hello Message Buffer Overflow attempt (server-mysql.rules)
 * 1:18514 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:18515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18519 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18525 <-> DISABLED <-> SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (server-other.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (file-office.rules)
 * 1:18536 <-> DISABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules)
 * 1:18537 <-> DISABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules)
 * 1:18538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:18539 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules)
 * 1:18541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (file-office.rules)
 * 1:18542 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules)
 * 1:18545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file transfer (file-office.rules)
 * 1:18546 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word with embedded Flash file transfer (file-office.rules)
 * 1:18547 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file transfer (file-office.rules)
 * 1:18548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment (file-office.rules)
 * 1:18549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word with embedded Flash file attachment (file-office.rules)
 * 1:18550 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file attachment (file-office.rules)
 * 1:18556 <-> DISABLED <-> SERVER-WEBAPP Symantec IM manager IMAdminReportTrendFormRun.asp sql injection attempt (server-webapp.rules)
 * 1:18557 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules)
 * 1:18558 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules)
 * 1:18559 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:18560 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:18561 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18578 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:18581 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager for OS deployment HTTP server buffer attempt (server-other.rules)
 * 1:18582 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager for OS deployment HTTP server buffer attempt (server-other.rules)
 * 1:18585 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (server-other.rules)
 * 1:18589 <-> DISABLED <-> NETBIOS Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (netbios.rules)
 * 1:18590 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:18592 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:18593 <-> DISABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18594 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18595 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18596 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:18599 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18601 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18615 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18619 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc40.dll dll-load exploit attempt (os-windows.rules)
 * 1:18620 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc42.dll dll-load exploit attempt (os-windows.rules)
 * 1:18621 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc80.dll dll-load exploit attempt (os-windows.rules)
 * 1:18622 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc90.dll dll-load exploit attempt (os-windows.rules)
 * 1:18623 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc100.dll dll-load exploit attempt (os-windows.rules)
 * 1:18625 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc40.dll dll-load exploit attempt (os-windows.rules)
 * 1:18626 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc42.dll dll-load exploit attempt (os-windows.rules)
 * 1:18627 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc80.dll dll-load exploit attempt (os-windows.rules)
 * 1:18628 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc90.dll dll-load exploit attempt (os-windows.rules)
 * 1:18629 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc100.dll dll-load exploit attempt (os-windows.rules)
 * 1:18632 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules)
 * 1:18633 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (file-office.rules)
 * 1:18634 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules)
 * 1:18636 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules)
 * 1:18637 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules)
 * 1:18638 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:18639 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel CatSerRange record exploit attempt (file-office.rules)
 * 1:18645 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules)
 * 1:18648 <-> ENABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (protocol-scada.rules)
 * 1:18649 <-> ENABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (protocol-scada.rules)
 * 1:18655 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LLMNR invalid reverse name lookup stack corruption attempt  (os-windows.rules)
 * 1:18657 <-> ENABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules)
 * 1:18668 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules)
 * 1:18670 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18671 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18675 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:18679 <-> ENABLED <-> SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (server-other.rules)
 * 1:18680 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18681 <-> ENABLED <-> FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript string attempt (file-pdf.rules)
 * 1:18684 <-> DISABLED <-> FILE-PDF PDF file with embedded PDF object (file-pdf.rules)
 * 1:18691 <-> DISABLED <-> OS-WINDOWS Microsoft Windows AFD.SYS null write attempt (os-windows.rules)
 * 1:18702 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18703 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18704 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18705 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18706 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18740 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:18742 <-> DISABLED <-> SERVER-WEBAPP IBM WebSphere Expect header cross-site scripting (server-webapp.rules)
 * 1:18744 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN vlc player subtitle buffer overflow attempt (file-multimedia.rules)
 * 1:18745 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (server-other.rules)
 * 1:18754 <-> ENABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules)
 * 1:18756 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows 7/Server 2008R2 (indicator-compromise.rules)
 * 1:18757 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows Vista (indicator-compromise.rules)
 * 1:18758 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Visual Basic script file download request (file-identify.rules)
 * 1:18759 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules)
 * 1:18760 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules)
 * 1:18761 <-> DISABLED <-> SERVER-WEBAPP Majordomo2 http directory traversal attempt (server-webapp.rules)
 * 1:18764 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:18765 <-> DISABLED <-> SERVER-MAIL Majordomo2 smtp directory traversal attempt (server-mail.rules)
 * 1:18767 <-> ENABLED <-> PROTOCOL-TFTP Multiple TFTP product buffer overflow attempt (protocol-tftp.rules)
 * 1:18768 <-> ENABLED <-> SERVER-MAIL Novell GroupWise internet agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18770 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit range object remote code execution attempt (browser-webkit.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18791 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Configuration Management Preboot service code overflow attempt (server-other.rules)
 * 1:18792 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (server-webapp.rules)
 * 1:18793 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (server-webapp.rules)
 * 1:18794 <-> DISABLED <-> SERVER-WEBAPP RedHat JBoss Enterprise Application Platform JMX authentication bypass attempt (server-webapp.rules)
 * 1:18795 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules)
 * 1:18797 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules)
 * 1:18798 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations denial of service attempt (server-other.rules)
 * 1:18799 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations denial of service attempt (server-other.rules)
 * 1:18801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules)
 * 1:18802 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules)
 * 1:18803 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Runtime CMM readMabCurveData buffer overflow attempt (server-webapp.rules)
 * 1:18804 <-> DISABLED <-> SERVER-WEBAPP OpenLDAP Modrdn utf-8 string code execution attempt (server-webapp.rules)
 * 1:18805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules)
 * 1:18806 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:18807 <-> DISABLED <-> SERVER-OTHER OpenLDAP Modrdn RDN NULL string denial of service attempt (server-other.rules)
 * 1:18809 <-> DISABLED <-> BROWSER-FIREFOX Mozilla EnsureCachedAttrPraramArrays integer overflow attempt (browser-firefox.rules)
 * 1:18902 <-> DISABLED <-> SERVER-WEBAPP Novell Teaming ajaxUploadImageFile remote code execution attempt (server-webapp.rules)
 * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules)
 * 1:18904 <-> DISABLED <-> BROWSER-PLUGINS KingView ActiveX clsid access (browser-plugins.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18926 <-> DISABLED <-> PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (protocol-snmp.rules)
 * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules)
 * 1:18930 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules)
 * 1:18931 <-> DISABLED <-> SERVER-APACHE Apache Struts OGNL parameter interception bypass command execution attempt (server-apache.rules)
 * 1:18932 <-> DISABLED <-> SERVER-WEBAPP Jboss default configuration unauthorized application add attempt (server-webapp.rules)
 * 1:18948 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:18950 <-> ENABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules)
 * 1:18951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onPropertyChange deleteTable memory corruption attempt (browser-ie.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18953 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18954 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18955 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18956 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18960 <-> ENABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules)
 * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18963 <-> ENABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules)
 * 1:18964 <-> ENABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18965 <-> ENABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules)
 * 1:18966 <-> ENABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18967 <-> ENABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules)
 * 1:18968 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript3 stack integer overflow attempt (file-flash.rules)
 * 1:18969 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules)
 * 1:18970 <-> ENABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules)
 * 1:18971 <-> ENABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules)
 * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules)
 * 1:18985 <-> DISABLED <-> POLICY-OTHER CA ARCserve Axis2 default credential login attempt (policy-other.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash player content parsing execution attempt (file-flash.rules)
 * 1:18993 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules)
 * 1:18994 <-> ENABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18995 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit removeAllRanges use-after-free attempt (browser-webkit.rules)
 * 1:18996 <-> DISABLED <-> SERVER-ORACLE DBMS_JAVA.SET_OUTPUT_TO_JAVA privilege escalation attempt (server-oracle.rules)
 * 1:18998 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules)
 * 1:19003 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19004 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19005 <-> DISABLED <-> BROWSER-CHROME Apple Safari/Google Chrome Webkit memory corruption attempt (browser-chrome.rules)
 * 1:19007 <-> DISABLED <-> SERVER-SAMBA Samba SID parsing overflow attempt (server-samba.rules)
 * 1:19008 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules)
 * 1:19009 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:19010 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:19013 <-> ENABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - WRQ (protocol-tftp.rules)
 * 1:19014 <-> ENABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (protocol-tftp.rules)
 * 1:19020 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cc dns query (indicator-compromise.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (pua-adware.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (pua-adware.rules)
 * 1:19058 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (malware-cnc.rules)
 * 1:19063 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules)
 * 1:19072 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server NTLM authentication heap overflow attempt (server-other.rules)
 * 1:19073 <-> DISABLED <-> SERVER-OTHER Squid Proxy Expect header null pointer denial of service attempt (server-other.rules)
 * 1:19074 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript uuencoded noop sled attempt (indicator-obfuscation.rules)
 * 1:19075 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript uuencoded eval statement (indicator-obfuscation.rules)
 * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:19081 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19085 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19086 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX function call (browser-plugins.rules)
 * 1:19093 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19094 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules)
 * 1:19100 <-> DISABLED <-> FILE-JAVA Oracle Java Soundbank resource name overflow attempt (file-java.rules)
 * 1:19101 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Server Admin Server denial of service attempt (server-oracle.rules)
 * 1:19104 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Cell Manager heap overflow attempt (server-other.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19107 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer code execution attempt (server-apache.rules)
 * 1:19108 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:19109 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:19110 <-> DISABLED <-> SERVER-WEBAPP IBM Rational Quality Manager and Test Lab Manager policy bypass attempt (server-webapp.rules)
 * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules)
 * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules)
 * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules)
 * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules)
 * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules)
 * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules)
 * 1:19120 <-> DISABLED <-> SERVER-OTHER IBM Informix DBINFO stack buffer overflow (server-other.rules)
 * 1:19121 <-> DISABLED <-> SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (server-other.rules)
 * 1:19124 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:19126 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19127 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)
 * 1:19134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:19136 <-> DISABLED <-> SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (server-webapp.rules)
 * 1:19137 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19139 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules)
 * 1:19140 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:19142 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager IMAdminScheduleReport.asp SQL injection attempt (server-webapp.rules)
 * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:19146 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:19147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19153 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules)
 * 1:19154 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules)
 * 1:19155 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector Media Operations SignInName Parameter overflow attempt (server-webapp.rules)
 * 1:19158 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB server axis2 service upload attempt (policy-other.rules)
 * 1:19159 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager RDS attempt (server-other.rules)
 * 1:19162 <-> DISABLED <-> SERVER-ORACLE get_domain_index_metadata privilege escalation attempt (server-oracle.rules)
 * 1:19163 <-> DISABLED <-> SERVER-ORACLE get_v2_domain_index_tables privilege escalation attempt (server-oracle.rules)
 * 1:19167 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk UDPTL processing overflow attempt (protocol-voip.rules)
 * 1:19168 <-> DISABLED <-> SERVER-WEBAPP Oracle GoldenGate Veridata Server soap request overflow attempt (server-webapp.rules)
 * 1:19171 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19172 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19173 <-> ENABLED <-> PROTOCOL-RPC CDE Calendar Manager service memory corruption attempt (protocol-rpc.rules)
 * 1:19174 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista feed headlines cross-site scripting attack attempt (os-windows.rules)
 * 1:19182 <-> DISABLED <-> SERVER-OTHER strongSwan Certificate and Identification payload overflow attempt (server-other.rules)
 * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:19184 <-> ENABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules)
 * 1:19188 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:19189 <-> ENABLED <-> OS-WINDOWS SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19191 <-> DISABLED <-> OS-WINDOWS SMB2 zero length write attempt (os-windows.rules)
 * 1:19192 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:19193 <-> ENABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules)
 * 1:19194 <-> ENABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19195 <-> ENABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19199 <-> ENABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules)
 * 1:19200 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules)
 * 1:19205 <-> DISABLED <-> SERVER-OTHER Novell iManager Tree parameter denial of service attempt (server-other.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:19207 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System AMSSendAlertAck stack buffer overflow attempt (server-other.rules)
 * 1:19209 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules)
 * 1:19210 <-> ENABLED <-> SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (server-other.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19216 <-> ENABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19217 <-> ENABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19218 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19221 <-> ENABLED <-> OS-WINDOWS SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:19222 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules)
 * 1:19225 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19226 <-> ENABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules)
 * 1:19227 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules)
 * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules)
 * 1:19229 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules)
 * 1:19230 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules)
 * 1:19231 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules)
 * 1:19232 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules)
 * 1:19233 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Visual Studio DISCO file download request (file-identify.rules)
 * 1:19235 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules)
 * 1:19236 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules)
 * 1:19238 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules)
 * 1:19239 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 toStaticHTML XSS attempt (browser-ie.rules)
 * 1:19240 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules)
 * 1:19241 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19242 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19243 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19246 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules)
 * 1:19247 <-> ENABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules)
 * 1:19249 <-> ENABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules)
 * 1:19251 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules)
 * 1:19257 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index memory corruption (file-flash.rules)
 * 1:19261 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules)
 * 1:19262 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19263 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19264 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19265 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19266 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19268 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:19269 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:19281 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic single-byte xor countodwn encoder (indicator-shellcode.rules)
 * 1:19282 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic cpuid-based context keyed encoder (indicator-shellcode.rules)
 * 1:19283 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic stat-based context keyed encoder (indicator-shellcode.rules)
 * 1:19284 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic time-based context keyed encoder (indicator-shellcode.rules)
 * 1:19285 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic non-alpha/non-upper encoder (indicator-shellcode.rules)
 * 1:19286 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode uppercase encoder (indicator-shellcode.rules)
 * 1:19287 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode mixed encoder (indicator-shellcode.rules)
 * 1:19288 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode tolower encoder (indicator-shellcode.rules)
 * 1:19290 <-> DISABLED <-> FILE-OTHER Microsoft LNK shortcut arbitary dll load attempt (file-other.rules)
 * 1:19292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19293 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19304 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX clsid access (browser-plugins.rules)
 * 1:19305 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX function call access (browser-plugins.rules)
 * 1:19306 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:19308 <-> DISABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules)
 * 1:19313 <-> ENABLED <-> SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (server-other.rules)
 * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules)
 * 1:19315 <-> DISABLED <-> OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules)
 * 1:19320 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:19321 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (browser-firefox.rules)
 * 1:19323 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (pua-adware.rules)
 * 1:19403 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:19405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:19406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:19407 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:19408 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:1941 <-> DISABLED <-> PROTOCOL-TFTP GET filename overflow attempt (protocol-tftp.rules)
 * 1:19411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Cross-Domain information disclosure attempt (browser-ie.rules)
 * 1:19412 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules)
 * 1:19416 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19417 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19418 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPhone download attempt (os-mobile.rules)
 * 1:19419 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPod download attempt (os-mobile.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19431 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19432 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19441 <-> DISABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules)
 * 1:19442 <-> DISABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules)
 * 1:19444 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:19445 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:19446 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:19447 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:19448 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:19449 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19450 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19451 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules)
 * 1:19452 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19460 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS multiple consoles on a single process attempt (os-windows.rules)
 * 1:19461 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (os-windows.rules)
 * 1:19462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS negative array index code execution attempt (os-windows.rules)
 * 1:19463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS double free attempt (os-windows.rules)
 * 1:19465 <-> DISABLED <-> OS-WINDOWS Visio mfc71 dll-load exploit attempt (os-windows.rules)
 * 1:19466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio mfc71 dll-load exploit attempt (file-office.rules)
 * 1:1948 <-> DISABLED <-> PROTOCOL-DNS dns zone transfer via UDP detected (protocol-dns.rules)
 * 1:19552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:19553 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin session_to_unset session variable injection attempt (server-webapp.rules)
 * 1:19560 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:19561 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ieframe.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19562 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19563 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19564 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19565 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Adobe multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19620 <-> DISABLED <-> FILE-FLASH Adobe multiple products dwmapi.dll dll-load exploit attempt (file-flash.rules)
 * 1:19621 <-> ENABLED <-> FILE-MULTIMEDIA MultiMedia Soft Components AdjMmsEng.dll PLS file processing buffer overflow attempt (file-multimedia.rules)
 * 1:19645 <-> DISABLED <-> SERVER-WEBAPP cross-site scripting attempt via form data attempt (server-webapp.rules)
 * 1:19646 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19647 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19648 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19649 <-> ENABLED <-> SERVER-OTHER HP Intelligent Management Center dbman buffer overflow attempt (server-other.rules)
 * 1:19653 <-> DISABLED <-> SERVER-WEBAPP Wordpress timthumb.php theme remote file include attack attempt (server-webapp.rules)
 * 1:19661 <-> DISABLED <-> SERVER-OTHER Alucar php shell download attempt (server-other.rules)
 * 1:19665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Remote Desktop web access cross site scripting attempt - GET request (os-windows.rules)
 * 1:19668 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules)
 * 1:19670 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules)
 * 1:19671 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:19672 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (browser-ie.rules)
 * 1:19673 <-> ENABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules)
 * 1:19674 <-> ENABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules)
 * 1:19675 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (file-office.rules)
 * 1:19676 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (file-office.rules)
 * 1:19677 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:19678 <-> ENABLED <-> OS-WINDOWS Microsoft Windows remote unauthenticated DoS/bugcheck vulnerability (os-windows.rules)
 * 1:19681 <-> DISABLED <-> OS-WINDOWS Microsoft Report Viewer reflect XSS attempt (os-windows.rules)
 * 1:19682 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules)
 * 1:19683 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules)
 * 1:19684 <-> ENABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules)
 * 1:19685 <-> ENABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules)
 * 1:19686 <-> ENABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules)
 * 1:19687 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules)
 * 1:19688 <-> ENABLED <-> FILE-FLASH Adobe Flash Actionscript BitmapData buffer overflow attempt (file-flash.rules)
 * 1:19689 <-> ENABLED <-> FILE-FLASH Adobe Flash Actionscript dynamic calculation double-free attempt (file-flash.rules)
 * 1:19690 <-> ENABLED <-> FILE-FLASH Adobe Flash Actionscript duplicateDoorInputArguments stack overwrite (file-flash.rules)
 * 1:19691 <-> ENABLED <-> FILE-FLASH Adobe Flash Actionscript File reference buffer overflow attempt (file-flash.rules)
 * 1:19692 <-> DISABLED <-> FILE-FLASH Adobe Flash cross-site request forgery attempt (file-flash.rules)
 * 1:19693 <-> ENABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19694 <-> DISABLED <-> SERVER-WEBAPP Microsoft Windows .NET Chart Control directory traversal attempt (server-webapp.rules)
 * 1:19708 <-> DISABLED <-> SERVER-MAIL Postfix SMTP Server SASL AUTH Handle Reuse Memory Corruption (server-mail.rules)
 * 1:19709 <-> DISABLED <-> SERVER-APACHE Apache APR apr_fn match infinite loop denial of service attempt (server-apache.rules)
 * 1:19710 <-> DISABLED <-> BROWSER-CHROME Google Chrome float rendering corruption attempt (browser-chrome.rules)
 * 1:19713 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19714 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:1975 <-> ENABLED <-> PROTOCOL-FTP DELE overflow attempt (protocol-ftp.rules)
 * 1:19779 <-> DISABLED <-> INDICATOR-SCAN sqlmap SQL injection scan attempt (indicator-scan.rules)
 * 1:19806 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules)
 * 1:19807 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules)
 * 1:19808 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:19809 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:19810 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS deleteReportTemplate SQL injection attempt (server-other.rules)
 * 1:19812 <-> ENABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS getDBConfigSettings credential information disclosure attempt (server-other.rules)
 * 1:19813 <-> ENABLED <-> SERVER-WEBAPP Novell File Reporter Agent XMLK parsing stack bugger overflow attempt (server-webapp.rules)
 * 1:19814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (browser-ie.rules)
 * 1:19816 <-> DISABLED <-> NETBIOS Juniper NeoterisSetupService named pipe access attempt (netbios.rules)
 * 1:19817 <-> DISABLED <-> NETBIOS Juniper Odyssey Access Client DSSETUPSERVICE_CMD_UNINSTALL overflow attempt (netbios.rules)
 * 1:19818 <-> DISABLED <-> OS-WINDOWS Microsoft XML core services cross-domain information disclosure attempt (os-windows.rules)
 * 1:19826 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:1986 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer request (policy-social.rules)
 * 1:19868 <-> DISABLED <-> INDICATOR-OBFUSCATION hidden 1x1 div tag - potential malware obfuscation (indicator-obfuscation.rules)
 * 1:19871 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML buffer overflow attempt (browser-ie.rules)
 * 1:19872 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC remote code execution attempt (browser-ie.rules)
 * 1:19873 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:1988 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer accept (policy-social.rules)
 * 1:19883 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow attempt (file-multimedia.rules)
 * 1:19885 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer daxctle.ocx spline method buffer overflow attempt (browser-ie.rules)
 * 1:19889 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded data object found (indicator-obfuscation.rules)
 * 1:1989 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer rejected (policy-social.rules)
 * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules)
 * 1:19893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (browser-plugins.rules)
 * 1:19894 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules)
 * 1:1990 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN user search (policy-social.rules)
 * 1:1991 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN login attempt (policy-social.rules)
 * 1:19926 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (file-java.rules)
 * 1:19932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 pointer dereference attempt (file-office.rules)
 * 1:19937 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:19938 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Directory Server ibmslapd.exe stack buffer overflow attempt (server-other.rules)
 * 1:19943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:19956 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (file-multimedia.rules)
 * 1:19972 <-> DISABLED <-> OS-WINDOWS SMB client TRANS response paramcount overflow attempt (os-windows.rules)
 * 1:19998 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:20013 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager webappmon.exe host header buffer overflow attempt (server-webapp.rules)
 * 1:20029 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:20030 <-> ENABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation directory traversal attempt (protocol-scada.rules)
 * 1:20031 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:20034 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20044 <-> DISABLED <-> BROWSER-PLUGINS F-Secure Anti-Virus fsresh.dll clsid access (browser-plugins.rules)
 * 1:2005 <-> DISABLED <-> PROTOCOL-RPC portmap kcms_server request UDP (protocol-rpc.rules)
 * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules)
 * 1:20053 <-> DISABLED <-> SERVER-MYSQL Database SELECT subquery denial of service attempt (server-mysql.rules)
 * 1:20058 <-> DISABLED <-> SERVER-OTHER VMWare authorization service user credential parsing DoS attempt (server-other.rules)
 * 1:20060 <-> DISABLED <-> SERVER-OTHER CVS annotate command buffer overflow attempt (server-other.rules)
 * 1:2007 <-> DISABLED <-> PROTOCOL-RPC kcms_server directory traversal attempt (protocol-rpc.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:20072 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:20073 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:20110 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:20115 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint XML external entity exploit attempt (server-webapp.rules)
 * 1:20116 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint Javascript XSS attempt (server-webapp.rules)
 * 1:20118 <-> ENABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules)
 * 1:20119 <-> ENABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules)
 * 1:20121 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid AxisParent record (file-office.rules)
 * 1:20122 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid AxisParent record (file-office.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:20124 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules)
 * 1:20125 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:20126 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:20127 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (file-office.rules)
 * 1:20128 <-> ENABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:20134 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector buffer overflow attempt (server-webapp.rules)
 * 1:20137 <-> DISABLED <-> INDICATOR-OBFUSCATION Possible generic javascript heap spray attempt (indicator-obfuscation.rules)
 * 1:20139 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20140 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20141 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20142 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader app.openDoc path vulnerability (file-pdf.rules)
 * 1:20144 <-> ENABLED <-> FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (file-pdf.rules)
 * 1:20146 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded PICT image (file-pdf.rules)
 * 1:20149 <-> ENABLED <-> FILE-PDF Adobe Acrobat embedded IFF file RGBA chunk memory corruption attempt (file-pdf.rules)
 * 1:20150 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (file-pdf.rules)
 * 1:20151 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded PCX image (file-pdf.rules)
 * 1:20152 <-> ENABLED <-> FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (file-pdf.rules)
 * 1:20153 <-> ENABLED <-> FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (file-pdf.rules)
 * 1:20154 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader glyf directory table vulnerability (file-pdf.rules)
 * 1:20155 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader glyf composite vulnerability (file-pdf.rules)
 * 1:20156 <-> ENABLED <-> FILE-PDF Adobe Acrobat getCosObj file overwrite attempt (file-pdf.rules)
 * 1:20157 <-> ENABLED <-> SERVER-ORACLE Oracle GlassFish Server war file upload attempt (server-oracle.rules)
 * 1:20158 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server default credentials login attempt (server-webapp.rules)
 * 1:20159 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (server-webapp.rules)
 * 1:20160 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (server-webapp.rules)
 * 1:20162 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader sandbox disable attempt (file-pdf.rules)
 * 1:20175 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (browser-plugins.rules)
 * 1:20176 <-> ENABLED <-> PROTOCOL-SCADA DAQFactory NETB protcol stack overflow attempt (protocol-scada.rules)
 * 1:20177 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20179 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI userid parameter buffer overflow attempt (server-webapp.rules)
 * 1:20180 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI passwd parameter buffer overflow attempt (server-webapp.rules)
 * 1:20181 <-> ENABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules)
 * 1:20184 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit php meterpreter stub .php file upload (indicator-shellcode.rules)
 * 1:20185 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_fs_method request/response attempt (indicator-shellcode.rules)
 * 1:20186 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_process_method request/response attempt (indicator-shellcode.rules)
 * 1:20187 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_eventlog_method request/response attempt (indicator-shellcode.rules)
 * 1:20188 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_config_method request/response attempt (indicator-shellcode.rules)
 * 1:20189 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_ui_method request/response attempt (indicator-shellcode.rules)
 * 1:20190 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_registry_method request/response attempt (indicator-shellcode.rules)
 * 1:20191 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_net_method request/response attempt (indicator-shellcode.rules)
 * 1:20192 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter incognito_method request/response attempt (indicator-shellcode.rules)
 * 1:20193 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter webcam_method request/response attempt (indicator-shellcode.rules)
 * 1:20194 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter sniffer_method request/response attempt (indicator-shellcode.rules)
 * 1:20195 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter priv_method request/response attempt (indicator-shellcode.rules)
 * 1:20196 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter lanattacks_method request/response attempt (indicator-shellcode.rules)
 * 1:20197 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter espia_method request/response attempt (indicator-shellcode.rules)
 * 1:20198 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter networkpug_method request/response attempt (indicator-shellcode.rules)
 * 1:20199 <-> DISABLED <-> INDICATOR-SHELLCODE Metasploit meterpreter stdapi_railgun_method request/response attempt (indicator-shellcode.rules)
 * 1:20206 <-> ENABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules)
 * 1:20207 <-> ENABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules)
 * 1:20208 <-> ENABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules)
 * 1:20209 <-> ENABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules)
 * 1:20210 <-> ENABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules)
 * 1:20211 <-> ENABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules)
 * 1:20214 <-> ENABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro msvcrt.dll local command execution attempt (protocol-scada.rules)
 * 1:20215 <-> ENABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro directory traversal file operation attempt (protocol-scada.rules)
 * 1:20216 <-> DISABLED <-> PROTOCOL-SCADA Beckhoff TwinCAT DoS (protocol-scada.rules)
 * 1:20223 <-> DISABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20226 <-> DISABLED <-> FILE-OTHER MPlayer SMI file buffer overflow attempt (file-other.rules)
 * 1:20227 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules)
 * 1:20240 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM nnmRptConfig.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20241 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmp.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20242 <-> DISABLED <-> PROTOCOL-DNS Oracle Secure Backup observice.exe dns response overflow attempt (protocol-dns.rules)
 * 1:20246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:20247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:20249 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start BasicService arbitrary command execution attempt (server-other.rules)
 * 1:20253 <-> ENABLED <-> OS-WINDOWS Microsoft products oleacc.dll dll-load exploit attempt (os-windows.rules)
 * 1:20254 <-> ENABLED <-> OS-WINDOWS Microsoft products oleacc.dll dll-load exploit attempt (os-windows.rules)
 * 1:20255 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules)
 * 1:20259 <-> ENABLED <-> FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (file-other.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20262 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20263 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access (browser-ie.rules)
 * 1:20264 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer form selection reset attempt (browser-ie.rules)
 * 1:20265 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules)
 * 1:20266 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules)
 * 1:20267 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (browser-ie.rules)
 * 1:20268 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:20269 <-> ENABLED <-> FILE-IDENTIFY FON font file download request (file-identify.rules)
 * 1:20270 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows afd.sys kernel-mode memory corruption attempt (file-executable.rules)
 * 1:20273 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (browser-ie.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20284 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20320 <-> DISABLED <-> PROTOCOL-VOIP From header XSS injection attempt (protocol-voip.rules)
 * 1:20321 <-> DISABLED <-> PROTOCOL-VOIP From header XSS injection attempt (protocol-voip.rules)
 * 1:20334 <-> DISABLED <-> PROTOCOL-VOIP To header XSS injection attempt (protocol-voip.rules)
 * 1:20335 <-> DISABLED <-> PROTOCOL-VOIP To header XSS injection attempt (protocol-voip.rules)
 * 1:20348 <-> DISABLED <-> PROTOCOL-VOIP Subject header XSS injection attempt (protocol-voip.rules)
 * 1:20349 <-> DISABLED <-> PROTOCOL-VOIP Subject header XSS injection attempt (protocol-voip.rules)
 * 1:20356 <-> DISABLED <-> PROTOCOL-VOIP Call-ID header XSS injection attempt (protocol-voip.rules)
 * 1:20357 <-> DISABLED <-> PROTOCOL-VOIP Call-ID header XSS injection attempt (protocol-voip.rules)
 * 1:20366 <-> DISABLED <-> PROTOCOL-VOIP Contact header XSS injection attempt (protocol-voip.rules)
 * 1:20367 <-> DISABLED <-> PROTOCOL-VOIP Contact header XSS injection attempt (protocol-voip.rules)
 * 1:20381 <-> DISABLED <-> PROTOCOL-VOIP Remote-Party-ID header hexadecimal characters in IP address field (protocol-voip.rules)
 * 1:20390 <-> DISABLED <-> PROTOCOL-VOIP Attribute header rtpmap field invalid payload type (protocol-voip.rules)
 * 1:20391 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Attribute header rtpmap field buffer overflow attempt (protocol-voip.rules)
 * 1:20392 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Attribute header rtpmap field buffer overflow attempt (protocol-voip.rules)
 * 1:20422 <-> DISABLED <-> PROTOCOL-VOIP OPTIONS message Via field request misplaced - after terminating newline (protocol-voip.rules)
 * 1:20423 <-> DISABLED <-> PROTOCOL-VOIP OPTIONS message Call-ID header request misplaced - after terminating newline (protocol-voip.rules)
 * 1:20425 <-> DISABLED <-> PROTOCOL-VOIP Cisco 7940/7960 INVITE Remote-Party-ID header denial of service attempt (protocol-voip.rules)
 * 1:20427 <-> DISABLED <-> PROTOCOL-VOIP OpenSBC VIA header denial of service attempt (protocol-voip.rules)
 * 1:20429 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20430 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start BasicServiceImpl security policy bypass attempt (file-java.rules)
 * 1:20433 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (pua-adware.rules)
 * 1:20434 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (pua-adware.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20445 <-> DISABLED <-> FILE-PDF Foxit Reader title overflow attempt (file-pdf.rules)
 * 1:20446 <-> DISABLED <-> SERVER-WEBAPP DiskPulseServer GetServerInfo request buffer overflow (server-webapp.rules)
 * 1:20460 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20478 <-> DISABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20481 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20514 <-> DISABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20530 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules)
 * 1:20531 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules)
 * 1:20532 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (server-webapp.rules)
 * 1:20534 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (file-office.rules)
 * 1:20535 <-> DISABLED <-> BROWSER-OTHER Opera Config File script access attempt (browser-other.rules)
 * 1:20536 <-> DISABLED <-> BROWSER-PLUGINS Moxa MediaDBPlayback.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20543 <-> ENABLED <-> OS-WINDOWS Microsoft Windows IppRateLimitIcmp integer overflow exploit attempt (os-windows.rules)
 * 1:20545 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules)
 * 1:20547 <-> ENABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules)
 * 1:20548 <-> ENABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules)
 * 1:20549 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules)
 * 1:20550 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules)
 * 1:20551 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules)
 * 1:20553 <-> DISABLED <-> FILE-MULTIMEDIA Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (file-multimedia.rules)
 * 1:20555 <-> ENABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20556 <-> ENABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules)
 * 1:20557 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (file-multimedia.rules)
 * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules)
 * 1:20560 <-> ENABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules)
 * 1:20567 <-> ENABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules)
 * 1:20568 <-> ENABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules)
 * 1:20572 <-> ENABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules)
 * 1:20576 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:20577 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (file-pdf.rules)
 * 1:20581 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:20582 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:20588 <-> DISABLED <-> FILE-IDENTIFY CDR file download request (file-identify.rules)
 * 1:20589 <-> DISABLED <-> FILE-IDENTIFY CDR file magic detected (file-identify.rules)
 * 1:20591 <-> DISABLED <-> BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX clsid access (browser-plugins.rules)
 * 1:20592 <-> DISABLED <-> BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX function call access (browser-plugins.rules)
 * 1:20593 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit libxslt arbitrary file creation attempt (browser-webkit.rules)
 * 1:20594 <-> DISABLED <-> SERVER-ORACLE Outside In CorelDRAW file parser integer overflow attempt (server-oracle.rules)
 * 1:20600 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules)
 * 1:20607 <-> ENABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules)
 * 1:20608 <-> ENABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules)
 * 1:20610 <-> DISABLED <-> FILE-FLASH Adobe Shockwave Flash Flex authoring tool XSS exploit attempt (file-flash.rules)
 * 1:20612 <-> DISABLED <-> SERVER-APACHE Apache Tomcat Java AJP connector invalid header timeout DOS attempt (server-apache.rules)
 * 1:20614 <-> DISABLED <-> SERVER-MAIL Axigen POP3 server remote format string exploit (server-mail.rules)
 * 1:20622 <-> ENABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:20628 <-> ENABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules)
 * 1:20634 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20635 <-> ENABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules)
 * 1:20636 <-> ENABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> ENABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20638 <-> ENABLED <-> PROTOCOL-SCADA Progea Movicon/PowerHMI EIDP over HTTP memory corruption attempt (protocol-scada.rules)
 * 1:20653 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player ASX file ref href buffer overflow attempt (file-multimedia.rules)
 * 1:20659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20671 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20690 <-> DISABLED <-> SERVER-OTHER Quest NetVault SmartDisk libnvbasics.dll denial of service attempt (server-other.rules)
 * 1:20691 <-> ENABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules)
 * 1:20692 <-> ENABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules)
 * 1:20700 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt (file-office.rules)
 * 1:20701 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt (file-office.rules)
 * 1:20702 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt (file-office.rules)
 * 1:20703 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt (file-office.rules)
 * 1:20704 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer defaulttime behavior attack attempt (browser-plugins.rules)
 * 1:20705 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20706 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20707 <-> ENABLED <-> BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (browser-plugins.rules)
 * 1:20708 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:20709 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20710 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20711 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20712 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20713 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20714 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20715 <-> ENABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20716 <-> ENABLED <-> BROWSER-PLUGINS Yahoo!  CD Player ActiveX clsid access (browser-plugins.rules)
 * 1:20717 <-> ENABLED <-> FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (file-office.rules)
 * 1:20718 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules)
 * 1:20719 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:20720 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:20721 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (file-office.rules)
 * 1:20722 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtBlipDIB record exploit attempt (file-office.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20724 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules)
 * 1:20726 <-> DISABLED <-> SERVER-WEBAPP F-Secure web console username overflow attempt (server-webapp.rules)
 * 1:20732 <-> DISABLED <-> SERVER-WEBAPP Sabdrimer remote file include in advanced1.php pluginpath[0] (server-webapp.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20734 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (file-multimedia.rules)
 * 1:20735 <-> ENABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules)
 * 1:20748 <-> DISABLED <-> SERVER-OTHER Yahoo Messenger possible file transfer spoofing (server-other.rules)
 * 1:20750 <-> ENABLED <-> FILE-IDENTIFY webm file magic detected (file-identify.rules)
 * 1:20751 <-> ENABLED <-> FILE-IDENTIFY webm file download request (file-identify.rules)
 * 1:20752 <-> DISABLED <-> PUA-ADWARE Win32.GameVance outbound connection (pua-adware.rules)
 * 1:20753 <-> DISABLED <-> PUA-ADWARE Win32.GamePlayLabs outbound connection (pua-adware.rules)
 * 1:20758 <-> ENABLED <-> POLICY-OTHER Progrea Movicon TCPUploadServer.exe unauthenticated access attempt (policy-other.rules)
 * 1:20761 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules)
 * 1:20764 <-> DISABLED <-> SERVER-WEBAPP SyBase MBusiness xml closing tag overflow attempt (server-webapp.rules)
 * 1:20767 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20768 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20769 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20770 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20771 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20772 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20773 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20774 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20775 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20777 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:20786 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20787 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20788 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20789 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20790 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20802 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (file-pdf.rules)
 * 1:20803 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20804 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20805 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20806 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20807 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20808 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20809 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20810 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20811 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20812 <-> ENABLED <-> PROTOCOL-TELNET FreeBSD telnetd enc_keyid overflow attempt (protocol-telnet.rules)
 * 1:20813 <-> ENABLED <-> PROTOCOL-TELNET FreeBSD telnetd dec_keyid overflow attempt (protocol-telnet.rules)
 * 1:20814 <-> DISABLED <-> BROWSER-FIREFOX Mozilla favicon href javascript execution attempt (browser-firefox.rules)
 * 1:20819 <-> DISABLED <-> SERVER-WEBAPP ACal Calendar Project cookie based authentication bypass attempt (server-webapp.rules)
 * 1:20820 <-> DISABLED <-> FILE-JAVA Oracle Java JNLP parameter argument injection attempt (file-java.rules)
 * 1:20822 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules)
 * 1:20827 <-> DISABLED <-> SERVER-WEBAPP phpThumb fltr[] parameter remote command execution attempt (server-webapp.rules)
 * 1:20828 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS aspx login ReturnURL arbitrary redirect attempt (server-iis.rules)
 * 1:20831 <-> ENABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (file-java.rules)
 * 1:20834 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll LaunchProcess Code Execution ActiveX clsid access (browser-plugins.rules)
 * 1:20835 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll LaunchProcess Code Execution ActiveX function call access (browser-plugins.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20842 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20843 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20846 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:20847 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX function call access (browser-plugins.rules)
 * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20858 <-> DISABLED <-> FILE-JAVA Oracle Java getSoundBank overflow Attempt malicious jar file (file-java.rules)
 * 1:20862 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire logviewer.jsp XSS attempt (server-webapp.rules)
 * 1:20863 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire log.jsp XSS attempt (server-webapp.rules)
 * 1:20864 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire group-summary.jsp XSS attempt (server-webapp.rules)
 * 1:20865 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire user-properties.jsp XSS attempt (server-webapp.rules)
 * 1:20866 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire audit-policy.jsp XSS attempt (server-webapp.rules)
 * 1:20867 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire server-properties.jsp XSS attempt (server-webapp.rules)
 * 1:20868 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire muc-room-edit-form.jsp XSS attempt (server-webapp.rules)
 * 1:20875 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:20878 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20880 <-> ENABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules)
 * 1:20882 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:20884 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:20885 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20886 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20887 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20900 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:20901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (browser-plugins.rules)
 * 1:20902 <-> ENABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20903 <-> ENABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20904 <-> ENABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20905 <-> DISABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20906 <-> DISABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20909 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:2091 <-> DISABLED <-> SERVER-IIS WEBDAV nessus safe scan attempt (server-iis.rules)
 * 1:20910 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20911 <-> DISABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules)
 * 1:20912 <-> DISABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules)
 * 1:20913 <-> DISABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20914 <-> DISABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20919 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader BMP color unused corruption (file-pdf.rules)
 * 1:20920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DCT dequantizer memory corruption attempt (file-pdf.rules)
 * 1:20921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP colors used integer overflow attempt (file-pdf.rules)
 * 1:20922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (file-pdf.rules)
 * 1:20923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (file-pdf.rules)
 * 1:20925 <-> DISABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20926 <-> DISABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20928 <-> DISABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20949 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (browser-plugins.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20964 <-> DISABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20968 <-> DISABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20989 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic single_static_bit encoder (indicator-shellcode.rules)
 * 1:20990 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic avoid_utf8_tolower encoder (indicator-shellcode.rules)
 * 1:20992 <-> DISABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:20993 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow (server-other.rules)
 * 1:20994 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow (server-other.rules)
 * 1:20997 <-> DISABLED <-> BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (browser-webkit.rules)
 * 1:20998 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript submitform memory corruption attempt (file-pdf.rules)
 * 1:21002 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules)
 * 1:21022 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:21023 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules)
 * 1:21024 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21025 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (browser-plugins.rules)
 * 1:21026 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21027 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (browser-plugins.rules)
 * 1:21029 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21030 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21031 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21032 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21033 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21034 <-> ENABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21050 <-> ENABLED <-> SERVER-OTHER HP Diagnostics Server magentservice.exe stack overflow attempt (server-other.rules)
 * 1:21056 <-> DISABLED <-> FILE-JAVA Oracle Java attempt to write in system32 (file-java.rules)
 * 1:21057 <-> ENABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21063 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21064 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (browser-plugins.rules)
 * 1:21075 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - DebuggingInterceptor (server-apache.rules)
 * 1:21076 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21077 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules)
 * 1:21079 <-> ENABLED <-> PROTOCOL-SCADA Siemens SIMATIC HMI Administrator cookie detected (protocol-scada.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21086 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption (browser-ie.rules)
 * 1:21094 <-> DISABLED <-> BROWSER-PLUGINS McAfee Remediation Agent ActiveX function call access (browser-plugins.rules)
 * 1:21095 <-> DISABLED <-> FILE-PDF Foxit Reader malicious pdf file write access (file-pdf.rules)
 * 1:21100 <-> DISABLED <-> PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (protocol-rpc.rules)
 * 1:21105 <-> DISABLED <-> SERVER-OTHER Avaya WinPDM Unite host router buffer overflow attempt (server-other.rules)
 * 1:21112 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21116 <-> ENABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21117 <-> DISABLED <-> INDICATOR-COMPROMISE WSO web shell (indicator-compromise.rules)
 * 1:21118 <-> DISABLED <-> INDICATOR-COMPROMISE WSO web shell security information display (indicator-compromise.rules)
 * 1:21119 <-> DISABLED <-> INDICATOR-COMPROMISE WSO web shell interactive file system information display (indicator-compromise.rules)
 * 1:21120 <-> DISABLED <-> INDICATOR-COMPROMISE WSO web shell interactive console display (indicator-compromise.rules)
 * 1:21121 <-> DISABLED <-> INDICATOR-COMPROMISE WSO web shell interactive SQL display (indicator-compromise.rules)
 * 1:21129 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell (indicator-compromise.rules)
 * 1:21130 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell enumeration page (indicator-compromise.rules)
 * 1:21131 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell domain lookup page (indicator-compromise.rules)
 * 1:21132 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell sql interaction page (indicator-compromise.rules)
 * 1:21133 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell encoder page (indicator-compromise.rules)
 * 1:21134 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell security information page (indicator-compromise.rules)
 * 1:21135 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell password cracking page (indicator-compromise.rules)
 * 1:21136 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell security bypass page (indicator-compromise.rules)
 * 1:21137 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell tools page (indicator-compromise.rules)
 * 1:21138 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell database parsing page (indicator-compromise.rules)
 * 1:21139 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell spread shell page (indicator-compromise.rules)
 * 1:21140 <-> DISABLED <-> INDICATOR-COMPROMISE Mulcishell web shell kill shell page (indicator-compromise.rules)
 * 1:21154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products floating point buffer overflow attempt (browser-firefox.rules)
 * 1:21155 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products floating point buffer overflow attempt (browser-firefox.rules)
 * 1:21159 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:21160 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21164 <-> DISABLED <-> SERVER-SAMBA Samba username map script command injection attempt (server-samba.rules)
 * 1:21167 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:21170 <-> ENABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:2123 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner (indicator-compromise.rules)
 * 1:21235 <-> DISABLED <-> SERVER-WEBAPP LOCK WebDAV Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:21253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> DISABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21272 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (browser-ie.rules)
 * 1:21281 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:21289 <-> ENABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> ENABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21291 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio invalid row option attempt (file-office.rules)
 * 1:21292 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:21293 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (file-office.rules)
 * 1:21295 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules)
 * 1:21296 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules)
 * 1:21297 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint themeweb.aspx XSS attempt (server-webapp.rules)
 * 1:21298 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (server-webapp.rules)
 * 1:21301 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules)
 * 1:21302 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_OLEChunk code execution attempt (file-office.rules)
 * 1:21305 <-> ENABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:21307 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules)
 * 1:21308 <-> ENABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:21309 <-> ENABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21310 <-> ENABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21316 <-> ENABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules)
 * 1:21317 <-> ENABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules)
 * 1:21319 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player version.dll dll-load exploit attempt (file-flash.rules)
 * 1:21320 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player atl.dll dll-load exploit attempt (file-flash.rules)
 * 1:21321 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player uxtheme.dll dll-load exploit attempt (file-flash.rules)
 * 1:21322 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player version.dll dll-load exploit attempt (file-flash.rules)
 * 1:21323 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player atl.dll dll-load exploit attempt (file-flash.rules)
 * 1:21324 <-> ENABLED <-> FILE-FLASH Adobe Acrobat Flash Player uxtheme.dll dll-load exploit attempt (file-flash.rules)
 * 1:21326 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules)
 * 1:21328 <-> DISABLED <-> SERVER-OTHER Synergy clipboard format server integer overflow attempt (server-other.rules)
 * 1:21329 <-> DISABLED <-> SERVER-OTHER Synergy clipboard format client integer overflow attempt (server-other.rules)
 * 1:21330 <-> DISABLED <-> SERVER-OTHER Synergy clipboard format server integer overflow attempt (server-other.rules)
 * 1:21335 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules)
 * 1:21336 <-> ENABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules)
 * 1:21338 <-> ENABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules)
 * 1:21339 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (file-multimedia.rules)
 * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'titl' field attempt (file-multimedia.rules)
 * 1:21341 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules)
 * 1:21342 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (file-multimedia.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli kuddb2 denial of service attempt (server-other.rules)
 * 1:21357 <-> ENABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules)
 * 1:21371 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules)
 * 1:21375 <-> DISABLED <-> SERVER-WEBAPP Remote Execution Backdoor Attempt Against Horde (server-webapp.rules)
 * 1:21377 <-> DISABLED <-> SERVER-WEBAPP Cisco Unified Communications Manager sql injection attempt (server-webapp.rules)
 * 1:21385 <-> DISABLED <-> SERVER-WEBAPP Cisco Common Services Help servlet XSS attempt (server-webapp.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-java.rules)
 * 1:21389 <-> DISABLED <-> SERVER-WEBAPP Cisco Common Services Device Center XSS attempt (server-webapp.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21405 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:21406 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security Center ActiveX clsid access (browser-plugins.rules)
 * 1:21407 <-> DISABLED <-> SERVER-OTHER Symantic multiple products VRTSweb code execution (server-other.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21417 <-> DISABLED <-> FILE-PDF hostile PDF associated with Laik exploit kit (file-pdf.rules)
 * 1:21421 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (protocol-dns.rules)
 * 1:21422 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules)
 * 1:21423 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:21429 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21431 <-> DISABLED <-> FILE-PDF Possible malicious pdf - new pdf exploit (file-pdf.rules)
 * 1:21437 <-> DISABLED <-> FILE-OTHER WordPerfect WP3TablesGroup heap overflow attempt (file-other.rules)
 * 1:21439 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules)
 * 1:21446 <-> DISABLED <-> BROWSER-PLUGINS FileSystemObject clsid access (browser-plugins.rules)
 * 1:21447 <-> DISABLED <-> BROWSER-PLUGINS FileSystemObject function call (browser-plugins.rules)
 * 1:21453 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21457 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:21458 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:21462 <-> DISABLED <-> FILE-JAVA Oracle Java Plugin security bypass (file-java.rules)
 * 1:21478 <-> DISABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules)
 * 1:21479 <-> DISABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules)
 * 1:21481 <-> ENABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:21483 <-> ENABLED <-> PROTOCOL-SCADA Moxa Device Manager buffer overflow attempt (protocol-scada.rules)
 * 1:21485 <-> DISABLED <-> SERVER-OTHER EMC RepliStor denial of service attempt (server-other.rules)
 * 1:21489 <-> DISABLED <-> FILE-OTHER Microsoft Windows chm file malware related exploit (file-other.rules)
 * 1:21491 <-> ENABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules)
 * 1:21493 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DRM technology msnetobj.dll ActiveX clsid access (browser-plugins.rules)
 * 1:21503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption (file-office.rules)
 * 1:21504 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21505 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21506 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21507 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21508 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21519 <-> DISABLED <-> INDICATOR-OBFUSCATION Dadongs obfuscated javascript (indicator-obfuscation.rules)
 * 1:21522 <-> DISABLED <-> SERVER-APACHE Apache Struts parameters interceptor remote code execution attempt (server-apache.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:21533 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Stage3D null dereference attempt (file-flash.rules)
 * 1:21534 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21535 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21536 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Stage3D null dereference attempt (file-flash.rules)
 * 1:21558 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21559 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21560 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21561 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX function call access (browser-plugins.rules)
 * 1:21566 <-> ENABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21567 <-> ENABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer toStaticHTML XSS attempt (browser-ie.rules)
 * 1:21570 <-> ENABLED <-> OS-WINDOWS Microsoft Windows RemoteDesktop new session flood attempt (os-windows.rules)
 * 1:21577 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - charcode (indicator-obfuscation.rules)
 * 1:21578 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - eval (indicator-obfuscation.rules)
 * 1:21579 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:21580 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:21583 <-> DISABLED <-> FILE-PDF Possible malicious pdf detection - qwe123 (file-pdf.rules)
 * 1:21584 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file download request (file-identify.rules)
 * 1:21585 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules)
 * 1:21586 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules)
 * 1:21587 <-> ENABLED <-> FILE-OTHER VisiWave VWR file parsing code execution attempt (file-other.rules)
 * 1:21595 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization request detection (os-mobile.rules)
 * 1:21596 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization response detection (os-mobile.rules)
 * 1:21597 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging request detection (os-mobile.rules)
 * 1:21598 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging response detection (os-mobile.rules)
 * 1:21607 <-> DISABLED <-> FILE-OTHER IBM Installation Manager iim uri code execution attempt (file-other.rules)
 * 1:21613 <-> DISABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21614 <-> DISABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21615 <-> DISABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21616 <-> DISABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21620 <-> DISABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21629 <-> DISABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21630 <-> DISABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21637 <-> DISABLED <-> POLICY-SPAM local user attempted to fill out paypal phishing form (policy-spam.rules)
 * 1:21644 <-> DISABLED <-> PUA-ADWARE Adware.MediaGetInstaller inbound connection - destination ip infected (pua-adware.rules)
 * 1:21645 <-> DISABLED <-> PUA-ADWARE Adware.MediaGetInstaller outbound connection - source ip infected (pua-adware.rules)
 * 1:21653 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript getURL target null reference attempt (file-flash.rules)
 * 1:21654 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)
 * 1:21655 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)
 * 1:21656 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt ParametersInterceptor (server-apache.rules)
 * 1:21662 <-> DISABLED <-> SERVER-OTHER Blue Coat Systems WinProxy telnet denial of service attempt (server-other.rules)
 * 1:21663 <-> DISABLED <-> SERVER-OTHER CA BrightStor Agent for Microsoft SQL overflow attempt (server-other.rules)
 * 1:21664 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21665 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21666 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21667 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21671 <-> DISABLED <-> SERVER-WEBAPP PECL zip URL wrapper buffer overflow attempt (server-webapp.rules)
 * 1:21672 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP capabilities response message capabilities count overflow attempt (protocol-voip.rules)
 * 1:21673 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP overly large mem copy attempt (protocol-voip.rules)
 * 1:21691 <-> DISABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21692 <-> DISABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21695 <-> DISABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21696 <-> DISABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21697 <-> DISABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21698 <-> DISABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21701 <-> DISABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21702 <-> DISABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21703 <-> DISABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21704 <-> DISABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> DISABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21706 <-> DISABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21711 <-> DISABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21712 <-> DISABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21713 <-> DISABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21714 <-> DISABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21715 <-> DISABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21716 <-> DISABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21717 <-> DISABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21718 <-> DISABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21719 <-> DISABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21720 <-> DISABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21721 <-> DISABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21722 <-> DISABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21723 <-> DISABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21724 <-> DISABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21725 <-> DISABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21726 <-> DISABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> DISABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21742 <-> DISABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21743 <-> DISABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21748 <-> DISABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21749 <-> DISABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21750 <-> DISABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21751 <-> DISABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21752 <-> ENABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot request buffer overflow attempt (server-other.rules)
 * 1:21753 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Management Interface HTTP digest authentication stack buffer overflow attempt (protocol-voip.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:21759 <-> DISABLED <-> FILE-OTHER Ultra Shareware Office HttpUpload buffer overflow attempt (file-other.rules)
 * 1:2176 <-> DISABLED <-> OS-WINDOWS SMB startup folder access (os-windows.rules)
 * 1:21762 <-> DISABLED <-> SERVER-WEBAPP Youngzsoft CMailServer CMailCOM Buffer Overflow attempt (server-webapp.rules)
 * 1:21765 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF subroutine pointer attempt (file-pdf.rules)
 * 1:21766 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:21776 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange MODPROPS denial of service attempt (server-mail.rules)
 * 1:21780 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded waitfor delay function in POST - possible sql injection attempt (indicator-obfuscation.rules)
 * 1:21781 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded union select function in POST - possible sql injection attempt (indicator-obfuscation.rules)
 * 1:21783 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (indicator-obfuscation.rules)
 * 1:21784 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (indicator-obfuscation.rules)
 * 1:21786 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (indicator-obfuscation.rules)
 * 1:21787 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (indicator-obfuscation.rules)
 * 1:21790 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21791 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21792 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules)
 * 1:21794 <-> ENABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21795 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:21796 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use-after-free attempt (browser-ie.rules)
 * 1:2180 <-> DISABLED <-> PUA-P2P BitTorrent announce request (pua-p2p.rules)
 * 1:21806 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:2185 <-> ENABLED <-> PROTOCOL-RPC mountd UDP mount path overflow attempt (protocol-rpc.rules)
 * 1:21854 <-> DISABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21855 <-> DISABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21858 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21859 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21865 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21868 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21869 <-> ENABLED <-> FILE-OTHER Java JRE sandbox breach attempt (file-other.rules)
 * 1:21878 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF interger overflow attempt (file-pdf.rules)
 * 1:21881 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:21882 <-> ENABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21883 <-> ENABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21888 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21907 <-> DISABLED <-> FILE-OFFICE Microsoft Office rtf document generic exploit indicator (file-office.rules)
 * 1:21913 <-> DISABLED <-> SERVER-OTHER EMC data protection advisor DOS attempt (server-other.rules)
 * 1:21914 <-> ENABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules)
 * 1:21918 <-> ENABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> ENABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:21920 <-> DISABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21921 <-> DISABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21922 <-> ENABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:21924 <-> DISABLED <-> PUA-ADWARE Adware.Downware variant outbound connection attempt (pua-adware.rules)
 * 1:21926 <-> DISABLED <-> SERVER-WEBAPP JCE Joomla module vulnerable directory traversal or malicious file upload attempt (server-webapp.rules)
 * 1:21927 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21934 <-> DISABLED <-> PUA-ADWARE 888Poker install outbound connection attempt (pua-adware.rules)
 * 1:21935 <-> ENABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21938 <-> DISABLED <-> PROTOCOL-TELNET RuggedCom default backdoor login attempt (protocol-telnet.rules)
 * 1:21939 <-> DISABLED <-> PROTOCOL-TELNET RuggedCom telnet initial banner (protocol-telnet.rules)
 * 1:21940 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:21941 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Request for php file in fgallery directory (indicator-compromise.rules)
 * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21944 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Web Reports xss attempt (server-other.rules)
 * 1:21948 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop TIFF malicious SGILOG-compressed data attempt (file-image.rules)
 * 1:21953 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products HTML href shell attempt (browser-firefox.rules)
 * 1:21991 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21992 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21993 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21994 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules)
 * 1:22004 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22005 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22006 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22007 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22008 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22009 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22010 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22011 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22012 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22025 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file download request (file-identify.rules)
 * 1:22026 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules)
 * 1:22027 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules)
 * 1:22028 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (file-identify.rules)
 * 1:22032 <-> DISABLED <-> FILE-OTHER Visual Studio VAP file handling buffer overflow attempt (file-other.rules)
 * 1:22042 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules)
 * 1:22049 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security ActiveX clsid access (browser-plugins.rules)
 * 1:22050 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security ActiveX function call (browser-plugins.rules)
 * 1:22052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:22063 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI remote file include attempt (server-webapp.rules)
 * 1:22064 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI command injection attempt (server-webapp.rules)
 * 1:22066 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ScriptBridge OCX controller attempt (file-office.rules)
 * 1:22071 <-> DISABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - eval (indicator-obfuscation.rules)
 * 1:22072 <-> DISABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:22073 <-> DISABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - unescape (indicator-obfuscation.rules)
 * 1:22074 <-> DISABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - charCode (indicator-obfuscation.rules)
 * 1:22075 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules)
 * 1:22076 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22077 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:22078 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22079 <-> ENABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules)
 * 1:22080 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules)
 * 1:22081 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:22082 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file download request (file-identify.rules)
 * 1:22083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules)
 * 1:22084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules)
 * 1:22085 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules)
 * 1:22086 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules)
 * 1:22087 <-> ENABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules)
 * 1:22092 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:22093 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:22094 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:22098 <-> DISABLED <-> INDICATOR-COMPROMISE hex-encoded create_function detected (indicator-compromise.rules)
 * 1:22104 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22105 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22106 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22107 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22108 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22109 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:2252 <-> DISABLED <-> OS-WINDOWS SMB-DS DCERPC Remote Activation bind attempt (os-windows.rules)
 * 1:2253 <-> DISABLED <-> SERVER-MAIL XEXCH50 overflow attempt (server-mail.rules)
 * 1:2255 <-> DISABLED <-> PROTOCOL-RPC sadmind query with root credentials attempt TCP (protocol-rpc.rules)
 * 1:2256 <-> DISABLED <-> PROTOCOL-RPC sadmind query with root credentials attempt UDP (protocol-rpc.rules)
 * 1:2257 <-> DISABLED <-> OS-WINDOWS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2258 <-> DISABLED <-> OS-WINDOWS SMB-DS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2259 <-> DISABLED <-> SERVER-MAIL EXPN overflow attempt (server-mail.rules)
 * 1:2260 <-> DISABLED <-> SERVER-MAIL VRFY overflow attempt (server-mail.rules)
 * 1:2278 <-> DISABLED <-> SERVER-WEBAPP client negative Content-Length attempt (server-webapp.rules)
 * 1:22917 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - cmd (indicator-compromise.rules)
 * 1:22918 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - search (indicator-compromise.rules)
 * 1:22919 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - upload (indicator-compromise.rules)
 * 1:22920 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - about (indicator-compromise.rules)
 * 1:22921 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - encoder (indicator-compromise.rules)
 * 1:22922 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - bind (indicator-compromise.rules)
 * 1:22923 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ps_aux (indicator-compromise.rules)
 * 1:22924 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (indicator-compromise.rules)
 * 1:22925 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - security (indicator-compromise.rules)
 * 1:22926 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - sql (indicator-compromise.rules)
 * 1:22927 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - eval (indicator-compromise.rules)
 * 1:22928 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - feedback (indicator-compromise.rules)
 * 1:22929 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - selfremove (indicator-compromise.rules)
 * 1:22930 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - fsbuff (indicator-compromise.rules)
 * 1:22931 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ls (indicator-compromise.rules)
 * 1:22932 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - phpinfo (indicator-compromise.rules)
 * 1:22933 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - tools (indicator-compromise.rules)
 * 1:22938 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF interger overflow attempt (file-pdf.rules)
 * 1:22940 <-> DISABLED <-> INDICATOR-COMPROMISE Win32.Virut web propagation detection (indicator-compromise.rules)
 * 1:22941 <-> DISABLED <-> FILE-PDF Possible malicious PDF detection - qweqwe= (file-pdf.rules)
 * 1:22942 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22947 <-> ENABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:22952 <-> ENABLED <-> SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (server-other.rules)
 * 1:22954 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (file-office.rules)
 * 1:22979 <-> DISABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> DISABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22999 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23002 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules)
 * 1:23003 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules)
 * 1:23004 <-> ENABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules)
 * 1:23005 <-> ENABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules)
 * 1:23006 <-> ENABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules)
 * 1:23007 <-> ENABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules)
 * 1:23008 <-> ENABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:23015 <-> DISABLED <-> BROWSER-CHROME Google Chrome and Apple Safari runin handling use after free attempt (browser-chrome.rules)
 * 1:23016 <-> DISABLED <-> INDICATOR-COMPROMISE base64-encoded c99shell download (indicator-compromise.rules)
 * 1:23018 <-> DISABLED <-> INDICATOR-OBFUSCATION eval of base64-encoded data (indicator-obfuscation.rules)
 * 1:23043 <-> DISABLED <-> FILE-PDF Unknown malicious PDF - CreationDate (file-pdf.rules)
 * 1:23044 <-> DISABLED <-> FILE-PDF Unknown malicious PDF - CreationDate (file-pdf.rules)
 * 1:23045 <-> DISABLED <-> FILE-PDF Unknown malicious PDF - Title (file-pdf.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23048 <-> ENABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules)
 * 1:23049 <-> ENABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:23050 <-> ENABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:23056 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher buffer overflow attempt (server-other.rules)
 * 1:23059 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules)
 * 1:23060 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:23085 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - join (indicator-obfuscation.rules)
 * 1:23086 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - push (indicator-obfuscation.rules)
 * 1:23087 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - xval (indicator-obfuscation.rules)
 * 1:23088 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - qweqwe (indicator-obfuscation.rules)
 * 1:23089 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript strings - obfuscation pattern (indicator-obfuscation.rules)
 * 1:23090 <-> DISABLED <-> SERVER-OTHER known malicious SSL certificate derived from Microsoft CA detected (server-other.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23096 <-> DISABLED <-> SERVER-OTHER VERITAS NetBackup java authentication service format string exploit attempt (server-other.rules)
 * 1:23097 <-> DISABLED <-> SERVER-OTHER IBM solidDB SELECT statement denial of service attempt (server-other.rules)
 * 1:23098 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:23099 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher denial of service attempt (server-other.rules)
 * 1:23100 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23101 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23102 <-> ENABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23107 <-> DISABLED <-> INDICATOR-COMPROMISE BeEF javascript hook.js download attempt (indicator-compromise.rules)
 * 1:23111 <-> ENABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules)
 * 1:23112 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher denial of service attempt (server-other.rules)
 * 1:23113 <-> DISABLED <-> INDICATOR-OBFUSCATION eval gzinflate base64_decode call - likely malicious (indicator-obfuscation.rules)
 * 1:23114 <-> DISABLED <-> INDICATOR-OBFUSCATION GIF header with PHP tags - likely malicious (indicator-obfuscation.rules)
 * 1:23115 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB client authentication bypass attempt (server-mysql.rules)
 * 1:23118 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer console object use after free attempt (browser-ie.rules)
 * 1:23121 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules)
 * 1:23122 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:23123 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:23125 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:23126 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (browser-ie.rules)
 * 1:23127 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23128 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (browser-ie.rules)
 * 1:23129 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules)
 * 1:23130 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules)
 * 1:23131 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules)
 * 1:23132 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules)
 * 1:23133 <-> ENABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules)
 * 1:23134 <-> ENABLED <-> FILE-FLASH Adobe Flash Player broker destructor DoS attempt (file-flash.rules)
 * 1:23135 <-> ENABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules)
 * 1:23138 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23139 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23140 <-> DISABLED <-> FILE-PDF Unknown Malicious PDF - CreationDate (file-pdf.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23151 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel zero-width worksheet code execution attempt (file-office.rules)
 * 1:23152 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23153 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> DISABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23160 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:23161 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - eval (indicator-obfuscation.rules)
 * 1:23162 <-> ENABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> ENABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:23164 <-> ENABLED <-> SERVER-OTHER Microsoft Lync Online ncrypt.dll dll-load exploit attempt (server-other.rules)
 * 1:23165 <-> ENABLED <-> SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (server-other.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23171 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Request for html file in fgallery directory (indicator-compromise.rules)
 * 1:23172 <-> DISABLED <-> SERVER-WEBAPP Microsoft ASP.NET improper comment handling XSS attempt (server-webapp.rules)
 * 1:23173 <-> DISABLED <-> OS-MOBILE Android Zitmo trojan command and control channel traffic (os-mobile.rules)
 * 1:23174 <-> ENABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:23175 <-> ENABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (server-webapp.rules)
 * 1:23181 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23186 <-> DISABLED <-> BROWSER-PLUGINS Dell CrazyTalk.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:23188 <-> DISABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23189 <-> DISABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23209 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Manager command shell execution attempt (protocol-voip.rules)
 * 1:23210 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk Manager command shell execution attempt (protocol-voip.rules)
 * 1:23211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23212 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:23217 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic avoid_utf8_tolower javascript encoder (indicator-shellcode.rules)
 * 1:23226 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript error suppression routine (indicator-obfuscation.rules)
 * 1:23227 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23229 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX function call access (browser-plugins.rules)
 * 1:23236 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case javascript decoder (indicator-shellcode.rules)
 * 1:23238 <-> ENABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (netbios.rules)
 * 1:23239 <-> ENABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules)
 * 1:23240 <-> ENABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:23241 <-> ENABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23246 <-> DISABLED <-> PUA-ADWARE Wajam Monitizer url outbound connection - post install (pua-adware.rules)
 * 1:23247 <-> DISABLED <-> PUA-ADWARE Wajam Monitizer outbound connection - post install (pua-adware.rules)
 * 1:23253 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care XMLSimpleAccessor ActiveX function call access attempt (browser-plugins.rules)
 * 1:23260 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver cross site scripting attempt (server-webapp.rules)
 * 1:23263 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23265 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23269 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23271 <-> ENABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> ENABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23273 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23274 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23275 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23276 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23277 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23278 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nested list memory corruption attempt (browser-ie.rules)
 * 1:23279 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:23280 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (browser-ie.rules)
 * 1:23281 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint scriptresx.ashx XSS attempt (server-webapp.rules)
 * 1:23282 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid attempt (browser-plugins.rules)
 * 1:23284 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX function call attempt (browser-plugins.rules)
 * 1:23285 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer OnReadyStateChange use after free attempt (browser-ie.rules)
 * 1:23309 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23310 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23311 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23312 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23313 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23314 <-> ENABLED <-> OS-WINDOWS SMB invalid character argument injection attempt (os-windows.rules)
 * 1:23318 <-> DISABLED <-> FILE-OTHER ELF multiple antivirus evasion attempts (file-other.rules)
 * 1:23322 <-> DISABLED <-> FILE-IDENTIFY TAR file download request (file-identify.rules)
 * 1:23323 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23324 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23325 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23326 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23328 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23329 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23330 <-> ENABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules)
 * 1:23351 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23352 <-> ENABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23353 <-> ENABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules)
 * 1:23354 <-> DISABLED <-> SERVER-WEBAPP Novell iManager buffer overflow attempt (server-webapp.rules)
 * 1:23355 <-> ENABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules)
 * 1:23356 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (file-office.rules)
 * 1:23357 <-> DISABLED <-> FILE-OTHER ELF multiple antivirus evasion attempts (file-other.rules)
 * 1:23358 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23369 <-> DISABLED <-> PUA-ADWARE Adware.Phono post infection download attempt (pua-adware.rules)
 * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23372 <-> DISABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23373 <-> DISABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23374 <-> DISABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23375 <-> DISABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23376 <-> DISABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:2338 <-> DISABLED <-> PROTOCOL-FTP LIST buffer overflow attempt (protocol-ftp.rules)
 * 1:23384 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger parameter memory corruption attempt (server-webapp.rules)
 * 1:23385 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger parameter memory corruption attempt (server-webapp.rules)
 * 1:23392 <-> DISABLED <-> SERVER-OTHER IBM SolidDB redundant where clause DoS attempt (server-other.rules)
 * 1:23395 <-> ENABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23396 <-> ENABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX function call access attempt (browser-plugins.rules)
 * 1:23400 <-> ENABLED <-> FILE-OTHER Apple Quicktime JPEG2000 length integer underflow attempt (file-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (server-webapp.rules)
 * 1:23402 <-> DISABLED <-> SERVER-WEBAPP CVS remote file information disclosure attempt (server-webapp.rules)
 * 1:23403 <-> DISABLED <-> SERVER-WEBAPP Adobe JRun directory traversal attempt (server-webapp.rules)
 * 1:23404 <-> DISABLED <-> SERVER-MAIL Mortal Universe POP Peeper date header overflow attempt (server-mail.rules)
 * 1:23408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows large image resize denial of service attempt (os-windows.rules)
 * 1:23433 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (server-webapp.rules)
 * 1:23434 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (server-webapp.rules)
 * 1:23438 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell initialization attempt (indicator-compromise.rules)
 * 1:23439 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23440 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23441 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23443 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell failed remote command injection attempt (indicator-compromise.rules)
 * 1:23444 <-> DISABLED <-> SERVER-OTHER Flexera FlexNet License Server buffer overflow attempt (server-other.rules)
 * 1:23445 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules)
 * 1:23461 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23462 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23463 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23464 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23465 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23466 <-> DISABLED <-> SERVER-WEBAPP IBM System Storage DS storage manager profiler XSS attempt (server-webapp.rules)
 * 1:23470 <-> DISABLED <-> BROWSER-PLUGINS StoneTrip S3DPlayer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23471 <-> DISABLED <-> BROWSER-CHROME Google Chrome net-internals uri fragment identifier XSS attempt (browser-chrome.rules)
 * 1:23472 <-> DISABLED <-> PUA-ADWARE FakeAV landing page request (pua-adware.rules)
 * 1:23474 <-> ENABLED <-> FILE-IDENTIFY PLP file download request (file-identify.rules)
 * 1:23475 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules)
 * 1:23476 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules)
 * 1:23477 <-> ENABLED <-> FILE-IDENTIFY PLP file magic detected (file-identify.rules)
 * 1:23478 <-> ENABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules)
 * 1:23479 <-> ENABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23485 <-> DISABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (server-webapp.rules)
 * 1:23490 <-> DISABLED <-> FILE-MULTIMEDIA Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt (file-multimedia.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23502 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23503 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23504 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23513 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:23514 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:23515 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:23516 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:23517 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:23518 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:23520 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:23521 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:23522 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (file-pdf.rules)
 * 1:23523 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:23524 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:23525 <-> DISABLED <-> FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (file-office.rules)
 * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23531 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:23532 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:23533 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:23534 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:23535 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:23536 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:23537 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:23538 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:23539 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:23540 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:23541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:23542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (file-office.rules)
 * 1:23543 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (file-office.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23555 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:23557 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23564 <-> DISABLED <-> FILE-OTHER Adobe Illustrator DSC comment overflow attempt (file-other.rules)
 * 1:23566 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (file-other.rules)
 * 1:23567 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:23568 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23569 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23570 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23576 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23577 <-> ENABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:23578 <-> DISABLED <-> FILE-OTHER Microsoft Windows malformed ASF voice codec memory corruption attempt (file-other.rules)
 * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23582 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23583 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23584 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23585 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23586 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23587 <-> ENABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> ENABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23589 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23590 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23601 <-> DISABLED <-> INDICATOR-SCAN Skipfish scan default agent string (indicator-scan.rules)
 * 1:23602 <-> DISABLED <-> INDICATOR-SCAN Skipfish scan Firefox agent string (indicator-scan.rules)
 * 1:23603 <-> DISABLED <-> INDICATOR-SCAN Skipfish scan MSIE agent string (indicator-scan.rules)
 * 1:23604 <-> DISABLED <-> INDICATOR-SCAN Skipfish scan iPhone agent string (indicator-scan.rules)
 * 1:23609 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:23611 <-> ENABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules)
 * 1:23612 <-> ENABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules)
 * 1:23621 <-> DISABLED <-> INDICATOR-OBFUSCATION known packer routine with secondary obfuscation (indicator-obfuscation.rules)
 * 1:23622 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23624 <-> ENABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23626 <-> DISABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:23632 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23636 <-> DISABLED <-> INDICATOR-OBFUSCATION JavaScript built-in function parseInt appears obfuscated - likely packer or encoder (indicator-obfuscation.rules)
 * 1:23648 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23664 <-> DISABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23691 <-> DISABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23698 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23703 <-> DISABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> DISABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> DISABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23715 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23722 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Address Book file magic detected (file-identify.rules)
 * 1:23731 <-> DISABLED <-> FILE-IDENTIFY CDR file magic detected (file-identify.rules)
 * 1:23732 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23733 <-> ENABLED <-> FILE-IDENTIFY webm file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23737 <-> DISABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2374 <-> DISABLED <-> PROTOCOL-FTP NLST overflow attempt (protocol-ftp.rules)
 * 1:23749 <-> DISABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23757 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CHM file magic detected (file-identify.rules)
 * 1:23760 <-> DISABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23762 <-> DISABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> DISABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23766 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:23772 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23776 <-> ENABLED <-> FILE-IDENTIFY PLP file magic detected (file-identify.rules)
 * 1:23777 <-> DISABLED <-> FILE-IDENTIFY Armadillo v1.xx - v2.xx file magic detected (file-identify.rules)
 * 1:23781 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23783 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23785 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23789 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules)
 * 1:23790 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules)
 * 1:23805 <-> ENABLED <-> BROWSER-WEBKIT WebKit button column memory corruption attempt (browser-webkit.rules)
 * 1:23806 <-> DISABLED <-> FILE-OTHER Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt (file-other.rules)
 * 1:23827 <-> DISABLED <-> SERVER-WEBAPP Joomla Remote File Include upload attempt (server-webapp.rules)
 * 1:23828 <-> DISABLED <-> SERVER-WEBAPP Joomla Remote File Include upload attempt (server-webapp.rules)
 * 1:23829 <-> DISABLED <-> INDICATOR-COMPROMISE Loaderz Web Shell (indicator-compromise.rules)
 * 1:23830 <-> DISABLED <-> INDICATOR-COMPROMISE Alsa3ek Web Shell (indicator-compromise.rules)
 * 1:23831 <-> DISABLED <-> INDICATOR-OBFUSCATION non-alphanumeric javascript detected (indicator-obfuscation.rules)
 * 1:23832 <-> DISABLED <-> INDICATOR-OBFUSCATION non-alphanumeric javascript detected (indicator-obfuscation.rules)
 * 1:23834 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules)
 * 1:23835 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules)
 * 1:23837 <-> ENABLED <-> OS-WINDOWS SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23838 <-> ENABLED <-> OS-WINDOWS SMB NetServerEnum response host format string exploit attempt (os-windows.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23840 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:23841 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:23842 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23843 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23844 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:23846 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (os-windows.rules)
 * 1:23851 <-> DISABLED <-> FILE-PDF Blackhole exploit kit related malicious file detection (file-pdf.rules)
 * 1:23852 <-> DISABLED <-> FILE-PDF Blackhole exploit kit related malicious file detection (file-pdf.rules)
 * 1:23855 <-> DISABLED <-> FILE-FLASH string heapspray flash file - likely attack (file-flash.rules)
 * 1:23856 <-> DISABLED <-> FILE-FLASH string heapspray flash file - likely attack (file-flash.rules)
 * 1:23863 <-> DISABLED <-> PUA-ADWARE LiveSecurityPlatinum.A outbound connection - initial connection (pua-adware.rules)
 * 1:23864 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules)
 * 1:23865 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules)
 * 1:23866 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23867 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23868 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23869 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23870 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23871 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23874 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules)
 * 1:23875 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules)
 * 1:23879 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23880 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23881 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23882 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23883 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules)
 * 1:23884 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules)
 * 1:23889 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23890 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23891 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23892 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23894 <-> DISABLED <-> SERVER-WEBAPP truncated crypt function attempt (server-webapp.rules)
 * 1:23895 <-> DISABLED <-> SERVER-WEBAPP PHP truncated crypt function attempt (server-webapp.rules)
 * 1:23896 <-> DISABLED <-> SERVER-WEBAPP PHP truncated crypt function attempt (server-webapp.rules)
 * 1:23898 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (file-pdf.rules)
 * 1:23899 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23900 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23901 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23902 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23934 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (server-webapp.rules)
 * 1:23937 <-> DISABLED <-> SERVER-WEBAPP Invalid global flag attachment attempt (server-webapp.rules)
 * 1:23939 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (server-oracle.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (server-oracle.rules)
 * 1:23943 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:23950 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:23951 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:23954 <-> DISABLED <-> OS-MOBILE Android SMSZombie APK file download attempt (os-mobile.rules)
 * 1:23956 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23957 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23958 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:23959 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:23960 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:23961 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:23964 <-> ENABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client format string exploit attempt (protocol-scada.rules)
 * 1:23965 <-> ENABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client arbitrary memory corruption attempt (protocol-scada.rules)
 * 1:23967 <-> ENABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules)
 * 1:23969 <-> DISABLED <-> OS-MOBILE Android SMSZombie APK file download (os-mobile.rules)
 * 1:23974 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:23975 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:23979 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23980 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23981 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23982 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23983 <-> ENABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules)
 * 1:23984 <-> DISABLED <-> SERVER-WEBAPP LongTail Video JW Player XSS attempt link param (server-webapp.rules)
 * 1:23985 <-> ENABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules)
 * 1:23986 <-> ENABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules)
 * 1:23988 <-> DISABLED <-> SERVER-WEBAPP ocPortal cms cross site request forgery attempt (server-webapp.rules)
 * 1:23993 <-> DISABLED <-> SERVER-OTHER Dhcpcd packet size buffer overflow attempt (server-other.rules)
 * 1:23994 <-> DISABLED <-> SERVER-WEBAPP zend_strndup null pointer dereference attempt (server-webapp.rules)
 * 1:23995 <-> DISABLED <-> SERVER-WEBAPP libtidy null pointer dereference attempt (server-webapp.rules)
 * 1:23996 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:23997 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:23999 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24000 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24001 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24002 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24003 <-> ENABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24004 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24005 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24006 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:24007 <-> ENABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:2401 <-> DISABLED <-> NETBIOS SMB Session Setup andx username overflow attempt (netbios.rules)
 * 1:24020 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24021 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24022 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24023 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24024 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24025 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24027 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24028 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:2403 <-> DISABLED <-> NETBIOS SMB Session Setup unicode username overflow attempt (netbios.rules)
 * 1:24036 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24037 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24038 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24039 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (browser-plugins.rules)
 * 1:24040 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24041 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24042 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24043 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24044 <-> ENABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24053 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24055 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24056 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24057 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24058 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24063 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24064 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24065 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24066 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24074 <-> DISABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> DISABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> DISABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24080 <-> DISABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> DISABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24083 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:24084 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24085 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24086 <-> DISABLED <-> PUA-ADWARE Adware.AdultAds outbound connection (pua-adware.rules)
 * 1:24089 <-> ENABLED <-> OS-WINDOWS Microsoft WebDAV PROPFIND request (os-windows.rules)
 * 1:24090 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules)
 * 1:24093 <-> DISABLED <-> SERVER-WEBAPP RFC1867 file-upload implementation denial of service attempt (server-webapp.rules)
 * 1:24113 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 ieframe.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24114 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic avoid_underscore_tolower encoder (indicator-shellcode.rules)
 * 1:2412 <-> DISABLED <-> INDICATOR-COMPROMISE successful cross site scripting forced download attempt (indicator-compromise.rules)
 * 1:24125 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24126 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24129 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules)
 * 1:24130 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules)
 * 1:24131 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24132 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24133 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24134 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24135 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24136 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24137 <-> DISABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24138 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules)
 * 1:24139 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules)
 * 1:24140 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules)
 * 1:24147 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:24148 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules)
 * 1:24149 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules)
 * 1:24150 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules)
 * 1:24151 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules)
 * 1:24152 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules)
 * 1:24153 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules)
 * 1:24154 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules)
 * 1:24155 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules)
 * 1:24167 <-> DISABLED <-> INDICATOR-OBFUSCATION document write of unescaped value with remote script (indicator-obfuscation.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:24176 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24177 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24178 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24179 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24180 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24181 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24186 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:24187 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24188 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24189 <-> DISABLED <-> FILE-IMAGE XPM file format overflow attempt (file-image.rules)
 * 1:2419 <-> DISABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> DISABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:24196 <-> ENABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24197 <-> ENABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24198 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:24199 <-> ENABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:2420 <-> DISABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24200 <-> ENABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24201 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:24202 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24207 <-> ENABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24208 <-> ENABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24209 <-> ENABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24210 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (browser-ie.rules)
 * 1:24218 <-> DISABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> DISABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> DISABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:24221 <-> ENABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules)
 * 1:24222 <-> ENABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules)
 * 1:24223 <-> ENABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules)
 * 1:24229 <-> DISABLED <-> FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt (file-other.rules)
 * 1:2423 <-> DISABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24230 <-> DISABLED <-> FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt (file-other.rules)
 * 1:24237 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24239 <-> ENABLED <-> SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (server-webapp.rules)
 * 1:24240 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D integer overflow attempt (file-flash.rules)
 * 1:24245 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D integer overflow attempt (file-flash.rules)
 * 1:24246 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24247 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24248 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (browser-plugins.rules)
 * 1:24249 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (browser-plugins.rules)
 * 1:24251 <-> DISABLED <-> OS-MOBILE Android/Fakelash.A!tr.spy trojan command and control channel traffic (os-mobile.rules)
 * 1:24253 <-> DISABLED <-> INDICATOR-COMPROMISE IP only webpage redirect attempt (indicator-compromise.rules)
 * 1:24254 <-> DISABLED <-> INDICATOR-COMPROMISE IP only webpage redirect attempt (indicator-compromise.rules)
 * 1:24256 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin server_sync.php backdoor access attempt (server-webapp.rules)
 * 1:24263 <-> DISABLED <-> FILE-PDF Overly large CreationDate within a pdf - likely malicious (file-pdf.rules)
 * 1:24264 <-> DISABLED <-> FILE-PDF Overly large CreationDate within a pdf - likely malicious (file-pdf.rules)
 * 1:24266 <-> DISABLED <-> FILE-PDF xpdf ObjectStream integer overflow (file-pdf.rules)
 * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24274 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24281 <-> ENABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:24282 <-> ENABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (browser-plugins.rules)
 * 1:24283 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules)
 * 1:24289 <-> DISABLED <-> SERVER-WEBAPP Fortinet FortiOS appliedTags field cross site scripting attempt (server-webapp.rules)
 * 1:24290 <-> DISABLED <-> SERVER-OTHER Fortinet FortiOS appliedTags field cross site scripting attempt (server-other.rules)
 * 1:24291 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24293 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC buffer overflow attempt (server-other.rules)
 * 1:2430 <-> DISABLED <-> PROTOCOL-NNTP newgroup overflow attempt (protocol-nntp.rules)
 * 1:24306 <-> DISABLED <-> SERVER-APACHE HP Operations Dashboard Apache Tomcat default admin account access attempt (server-apache.rules)
 * 1:2431 <-> DISABLED <-> PROTOCOL-NNTP rmgroup overflow attempt (protocol-nntp.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:24314 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24315 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24316 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24317 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24318 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24319 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24320 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (server-other.rules)
 * 1:24324 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24325 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24326 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24327 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24328 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24329 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24330 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24331 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24332 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24333 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24334 <-> DISABLED <-> MALWARE-CNC Win.Spy.Agent variant connect to cnc-server (malware-cnc.rules)
 * 1:24336 <-> ENABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:24337 <-> DISABLED <-> SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (server-other.rules)
 * 1:24338 <-> ENABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:2435 <-> ENABLED <-> FILE-IDENTIFY Microsoft emf file download request (file-identify.rules)
 * 1:24355 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (server-mssql.rules)
 * 1:24356 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (server-mssql.rules)
 * 1:2436 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24362 <-> ENABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24363 <-> ENABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24364 <-> ENABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24365 <-> ENABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24366 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules)
 * 1:24367 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules)
 * 1:24370 <-> DISABLED <-> OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (os-linux.rules)
 * 1:24371 <-> DISABLED <-> OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (os-linux.rules)
 * 1:24372 <-> DISABLED <-> SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (server-other.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24386 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (browser-firefox.rules)
 * 1:24387 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (browser-firefox.rules)
 * 1:24388 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro file upload (indicator-compromise.rules)
 * 1:24389 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro status check (indicator-compromise.rules)
 * 1:24390 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start perl (indicator-compromise.rules)
 * 1:24391 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start php (indicator-compromise.rules)
 * 1:24392 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro write file (indicator-compromise.rules)
 * 1:24393 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro stop attack (indicator-compromise.rules)
 * 1:24394 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start attack (indicator-compromise.rules)
 * 1:24412 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DRM encrypted file detected (file-flash.rules)
 * 1:24413 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DRM encrypted file detected (file-flash.rules)
 * 1:24414 <-> ENABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules)
 * 1:24415 <-> ENABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules)
 * 1:24428 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24429 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24430 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24431 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24432 <-> DISABLED <-> BROWSER-OTHER HTML5 canvas element heap spray attempt (browser-other.rules)
 * 1:24433 <-> DISABLED <-> BROWSER-OTHER HTML5 canvas element heap spray attempt (browser-other.rules)
 * 1:24434 <-> DISABLED <-> INDICATOR-COMPROMISE fx29shell.php connection attempt (indicator-compromise.rules)
 * 1:24435 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (server-webapp.rules)
 * 1:24436 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (server-webapp.rules)
 * 1:24447 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope DownloadFilesHandler directory traversal attempt (server-webapp.rules)
 * 1:24448 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope UploadFilesHandler directory traversal attempt (server-webapp.rules)
 * 1:24453 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules)
 * 1:24454 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:24476 <-> ENABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules)
 * 1:24477 <-> ENABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules)
 * 1:24478 <-> ENABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules)
 * 1:24479 <-> ENABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules)
 * 1:24480 <-> ENABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules)
 * 1:24481 <-> ENABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules)
 * 1:24483 <-> DISABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24484 <-> DISABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24486 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24488 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24489 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24490 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24498 <-> DISABLED <-> FILE-JAVA Oracle Java JNLP parameter argument injection attempt (file-java.rules)
 * 1:24499 <-> DISABLED <-> FILE-JAVA Oracle Java JNLP parameter argument injection attempt (file-java.rules)
 * 1:2450 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM successful logon (policy-social.rules)
 * 1:24500 <-> DISABLED <-> FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (file-other.rules)
 * 1:24502 <-> DISABLED <-> SERVER-WEBAPP TikiWiki tiki-graph_formula.php remote php code execution attempt (server-webapp.rules)
 * 1:24503 <-> ENABLED <-> PROTOCOL-RPC xdrDecodeString caller_name stack overflow attempt (protocol-rpc.rules)
 * 1:24506 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:2451 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM voicechat (policy-social.rules)
 * 1:24510 <-> ENABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules)
 * 1:24511 <-> ENABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules)
 * 1:24517 <-> DISABLED <-> SERVER-WEBAPP F5 Networks FirePass my.activation.php3 state parameter sql injection attempt (server-webapp.rules)
 * 1:24518 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24519 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:2452 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM ping (policy-social.rules)
 * 1:24520 <-> ENABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:24521 <-> DISABLED <-> SERVER-WEBAPP OpenStack Compute directory traversal attempt (server-webapp.rules)
 * 1:24525 <-> DISABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24526 <-> DISABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24527 <-> DISABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24528 <-> DISABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:2453 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference invitation (policy-social.rules)
 * 1:2454 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference logon success (policy-social.rules)
 * 1:2455 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference message (policy-social.rules)
 * 1:24551 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:24552 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:24553 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24559 <-> DISABLED <-> BROWSER-PLUGINS CYME Power Engineering ShowPropertiesDialog ActiveX clsid access (browser-plugins.rules)
 * 1:2456 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger File Transfer Receive Request (policy-social.rules)
 * 1:24560 <-> DISABLED <-> BROWSER-PLUGINS CYME Power Engineering ShowPropertiesDialog ActiveX function call access (browser-plugins.rules)
 * 1:24561 <-> DISABLED <-> SERVER-WEBAPP WordPress XSS fs-admin.php injection attempt (server-webapp.rules)
 * 1:2457 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM message (policy-social.rules)
 * 1:24570 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24571 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24572 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24573 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24574 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:2458 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM successful chat join (policy-social.rules)
 * 1:24580 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:24581 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:24582 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:24583 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:24584 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:24585 <-> ENABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:2459 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference offer invitation (policy-social.rules)
 * 1:24599 <-> DISABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:2460 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference request (policy-social.rules)
 * 1:2461 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference watch (policy-social.rules)
 * 1:24625 <-> DISABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24626 <-> DISABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24628 <-> DISABLED <-> SERVER-WEBAPP Webmin show.cgi arbitrary command injection attempt (server-webapp.rules)
 * 1:24629 <-> DISABLED <-> SERVER-WEBAPP Oracle Fusion Middleware WebCenter selectedLocale parameter sql injection attempt (server-webapp.rules)
 * 1:24639 <-> DISABLED <-> PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 122 invalid function call attempt (protocol-rpc.rules)
 * 1:24640 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24641 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24642 <-> DISABLED <-> SERVER-WEBAPP RedHat JBoss Enterprise Application Platform JMX code execution attempt (server-webapp.rules)
 * 1:24643 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules)
 * 1:24644 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24645 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24646 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules)
 * 1:24647 <-> DISABLED <-> SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (server-webapp.rules)
 * 1:24649 <-> ENABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules)
 * 1:24650 <-> ENABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules)
 * 1:24651 <-> ENABLED <-> FILE-IDENTIFY Microsoft proxy autoconfig script file download request (file-identify.rules)
 * 1:24652 <-> ENABLED <-> FILE-OTHER Microsoft proxy autoconfig script system namespace import attempt (file-other.rules)
 * 1:24653 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules)
 * 1:24654 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules)
 * 1:24657 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:24658 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24659 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24660 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules)
 * 1:24661 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules)
 * 1:24662 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules)
 * 1:24663 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules)
 * 1:24664 <-> ENABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules)
 * 1:24665 <-> ENABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules)
 * 1:24672 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:24673 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules)
 * 1:24674 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules)
 * 1:24675 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX realm parameter overflow attempt (browser-plugins.rules)
 * 1:24676 <-> ENABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX real parameter overflow attempt (browser-plugins.rules)
 * 1:24678 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24679 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24680 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24681 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24682 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24683 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24684 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24685 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24686 <-> DISABLED <-> SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (server-other.rules)
 * 1:24687 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:24688 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:24689 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules)
 * 1:24690 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24691 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24692 <-> ENABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules)
 * 1:24693 <-> ENABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:24694 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24695 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24696 <-> ENABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules)
 * 1:24697 <-> DISABLED <-> SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (server-apache.rules)
 * 1:24699 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24700 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24701 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24702 <-> ENABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24703 <-> ENABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24704 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules)
 * 1:24705 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules)
 * 1:24711 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24712 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24713 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24714 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24715 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24716 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24717 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24718 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24720 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP keypad button message denial of service attempt (protocol-voip.rules)
 * 1:24721 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (file-pdf.rules)
 * 1:24722 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (file-pdf.rules)
 * 1:24723 <-> ENABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules)
 * 1:24724 <-> ENABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules)
 * 1:24725 <-> ENABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules)
 * 1:24726 <-> ENABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules)
 * 1:24728 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24729 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24730 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24731 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24732 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24733 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24734 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24735 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24736 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24737 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24738 <-> DISABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (server-other.rules)
 * 1:24740 <-> DISABLED <-> SERVER-WEBAPP Oracle Business Transaction Management flashtunnelservice arbitrary file deletion attempt (server-webapp.rules)
 * 1:24741 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24742 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24743 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24744 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24745 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24746 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24747 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24748 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24749 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24750 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24751 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24752 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24753 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24754 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24755 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24756 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24757 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24758 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24759 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24760 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (server-other.rules)
 * 1:24761 <-> ENABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24762 <-> ENABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24763 <-> DISABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24764 <-> DISABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24766 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (server-webapp.rules)
 * 1:24768 <-> DISABLED <-> SERVER-OTHER RealPlayer Helix rn5auth credential overflow attempt (server-other.rules)
 * 1:24769 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24770 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24771 <-> ENABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> ENABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX function call access (browser-plugins.rules)
 * 1:24773 <-> ENABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:24774 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24775 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX function call access (browser-plugins.rules)
 * 1:24776 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24777 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX function call access (browser-plugins.rules)
 * 1:24801 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (server-webapp.rules)
 * 1:24802 <-> ENABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules)
 * 1:24804 <-> ENABLED <-> SERVER-WEBAPP Invision IP Board PHP unserialize code execution attempt (server-webapp.rules)
 * 1:24805 <-> DISABLED <-> SERVER-OTHER lighthttpd connection header denial of service attempt (server-other.rules)
 * 1:24806 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise WebAccess directory traversal attempt - POST request (server-webapp.rules)
 * 1:24807 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise WebAccess directory traversal attempt - GET request (server-webapp.rules)
 * 1:24808 <-> ENABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules)
 * 1:24809 <-> ENABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules)
 * 1:24810 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24811 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24812 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24813 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24814 <-> DISABLED <-> PROTOCOL-SNMP Samsung printer default community string (protocol-snmp.rules)
 * 1:24815 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:24818 <-> DISABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24819 <-> DISABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24827 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24828 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24829 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24830 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24831 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24832 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24833 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24834 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24835 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24836 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24874 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24875 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24876 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24877 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24879 <-> ENABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules)
 * 1:24882 <-> ENABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules)
 * 1:24889 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24890 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24892 <-> ENABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24893 <-> ENABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24894 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24895 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules)
 * 1:24896 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules)
 * 1:24897 <-> DISABLED <-> SERVER-MYSQL Oracle MySQL grant file long database name stack overflow attempt (server-mysql.rules)
 * 1:24898 <-> ENABLED <-> SERVER-OTHER ABB Multiple Product RobNetScanHost.exe buffer overflow attempt (server-other.rules)
 * 1:24901 <-> DISABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:24902 <-> DISABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24903 <-> DISABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24905 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24906 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24908 <-> DISABLED <-> SERVER-MYSQL Oracle MySQL user enumeration attempt (server-mysql.rules)
 * 1:24909 <-> DISABLED <-> SERVER-MYSQL Oracle MySQL select UpdateXML nested xml elements denial of service attempt (server-mysql.rules)
 * 1:24910 <-> DISABLED <-> SERVER-MYSQL Oracle MySQL MDL free corrupted pointer heap overflow attempt (server-mysql.rules)
 * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24914 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24915 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24957 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24958 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24959 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24960 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24961 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24962 <-> ENABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24963 <-> ENABLED <-> BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24964 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24965 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24966 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24967 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24968 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24969 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24970 <-> ENABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24980 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24981 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24982 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24983 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24984 <-> ENABLED <-> FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (file-flash.rules)
 * 1:24985 <-> ENABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules)
 * 1:24986 <-> ENABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules)
 * 1:24989 <-> ENABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules)
 * 1:24990 <-> ENABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules)
 * 1:24991 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules)
 * 1:24992 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules)
 * 1:24993 <-> ENABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:24994 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (browser-firefox.rules)
 * 1:24995 <-> DISABLED <-> SERVER-OTHER Free Software Foundation GnuTLS record application integer overflow attempt (server-other.rules)
 * 1:24996 <-> DISABLED <-> SERVER-OTHER Free Software Foundation GnuTLS record application integer overflow attempt (server-other.rules)
 * 1:24997 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24998 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24999 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25000 <-> ENABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25003 <-> ENABLED <-> SERVER-OTHER HP Archive Query Server stack overflow attempt (server-other.rules)
 * 1:25004 <-> ENABLED <-> BROWSER-PLUGINS ClearQuest session stack corruption attempt (browser-plugins.rules)
 * 1:25005 <-> ENABLED <-> BROWSER-PLUGINS ClearQuest session stack corruption attempt (browser-plugins.rules)
 * 1:25008 <-> DISABLED <-> SERVER-WEBAPP PmWiki pagelist injection attempt (server-webapp.rules)
 * 1:25014 <-> ENABLED <-> FILE-IDENTIFY Microsoft proxy autoconfig script file magic detected (file-identify.rules)
 * 1:25017 <-> DISABLED <-> SERVER-WEBAPP httpdx tolog function format string code execution attempt (server-webapp.rules)
 * 1:25027 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki variant connect to cnc-server (malware-cnc.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25035 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules)
 * 1:25057 <-> DISABLED <-> PROTOCOL-SCADA Tridium Niagara directory traversal config.bog access attempt (protocol-scada.rules)
 * 1:25059 <-> DISABLED <-> SERVER-OTHER SAP Business One License Manager buffer overflow attempt (server-other.rules)
 * 1:25060 <-> DISABLED <-> INDICATOR-OBFUSCATION ActiveX multiple adjacent object tags (indicator-obfuscation.rules)
 * 1:25065 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25066 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy variant outbound connection (malware-cnc.rules)
 * 1:25078 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:25079 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:2508 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:25104 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway directory traversal attempt (server-webapp.rules)
 * 1:25105 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway directory traversal attempt (server-webapp.rules)
 * 1:2511 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:25120 <-> DISABLED <-> SERVER-WEBAPP W3 Total Cache for Wordpress access - likely information disclosure (server-webapp.rules)
 * 1:25121 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25122 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25225 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:25226 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:25227 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules)
 * 1:25228 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules)
 * 1:25232 <-> ENABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25233 <-> ENABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25236 <-> DISABLED <-> SERVER-WEBAPP WikkaWikki php code injection attempt (server-webapp.rules)
 * 1:25238 <-> DISABLED <-> SERVER-WEBAPP OpenX server file upload PHP code execution attempt (server-webapp.rules)
 * 1:25246 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25252 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:25253 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:25254 <-> ENABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules)
 * 1:25263 <-> DISABLED <-> SERVER-WEBAPP fraudulent digital certificate for google.com detected (server-webapp.rules)
 * 1:25264 <-> DISABLED <-> SERVER-WEBAPP revoked subsidiary CA certificate for e-islem.kktcmerkezbankasi.org detected (server-webapp.rules)
 * 1:25265 <-> DISABLED <-> SERVER-WEBAPP revoked subsidiary CA certificate for ego.gov.tr detected (server-webapp.rules)
 * 1:25266 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion Admin API arbitrary command execution attempt (server-other.rules)
 * 1:25267 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion Admin API arbitrary command execution attempt (server-other.rules)
 * 1:25272 <-> DISABLED <-> SERVER-WEBAPP Microsoft System Center Operations Manger cross site scripting attempt (server-webapp.rules)
 * 1:25273 <-> DISABLED <-> SERVER-WEBAPP Microsoft SCOM Web Console cross-site scripting attempt (server-webapp.rules)
 * 1:25274 <-> DISABLED <-> SERVER-IIS Microsoft Windows Server 2012 IIS OData protocol nested replace filter dos attempt (server-iis.rules)
 * 1:25286 <-> DISABLED <-> SERVER-WEBAPP MoinMoin arbitrary file upload attempt (server-webapp.rules)
 * 1:25287 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules)
 * 1:25288 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules)
 * 1:25297 <-> ENABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25298 <-> ENABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25299 <-> ENABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules)
 * 1:253 <-> DISABLED <-> PROTOCOL-DNS SPOOF query response PTR with TTL of 1 min. and no authority (protocol-dns.rules)
 * 1:25300 <-> ENABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules)
 * 1:25303 <-> ENABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules)
 * 1:25304 <-> ENABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25309 <-> ENABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules)
 * 1:25310 <-> ENABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules)
 * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:25312 <-> ENABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules)
 * 1:25315 <-> DISABLED <-> SERVER-ORACLE Oracle TNS listener service registration (server-oracle.rules)
 * 1:25316 <-> ENABLED <-> BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (browser-plugins.rules)
 * 1:25318 <-> ENABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25319 <-> ENABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25320 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:25329 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:25330 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules)
 * 1:25331 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules)
 * 1:25332 <-> ENABLED <-> FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (file-other.rules)
 * 1:25334 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25335 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25336 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25337 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25338 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25339 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25340 <-> ENABLED <-> SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (server-other.rules)
 * 1:25343 <-> ENABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules)
 * 1:25344 <-> ENABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules)
 * 1:25346 <-> ENABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25347 <-> ENABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25348 <-> ENABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25352 <-> ENABLED <-> SERVER-OTHER HP HP Intelligent Management Center syslog remote code execution attempt (server-other.rules)
 * 1:25353 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord exploit attempt (file-office.rules)
 * 1:25354 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord exploit attempt (file-office.rules)
 * 1:25355 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtBlipDIB record exploit attempt (file-office.rules)
 * 1:25366 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25367 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25369 <-> DISABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (os-windows.rules)
 * 1:25370 <-> DISABLED <-> SERVER-OTHER CakePHP unserialize method vulnerability exploitation attempt (server-other.rules)
 * 1:25380 <-> DISABLED <-> SERVER-OTHER EMC AutoStart domain name logging stack buffer overflow attempt (server-other.rules)
 * 1:25381 <-> ENABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules)
 * 1:25392 <-> ENABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:25393 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:25449 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25450 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25451 <-> ENABLED <-> INDICATOR-OBFUSCATION GIF header followed by PDF header (indicator-obfuscation.rules)
 * 1:25452 <-> ENABLED <-> INDICATOR-OBFUSCATION PNG header followed by PDF header (indicator-obfuscation.rules)
 * 1:25453 <-> ENABLED <-> INDICATOR-OBFUSCATION JPEG header followed by PDF header (indicator-obfuscation.rules)
 * 1:25454 <-> ENABLED <-> INDICATOR-OBFUSCATION DOC header followed by PDF header (indicator-obfuscation.rules)
 * 1:25455 <-> ENABLED <-> INDICATOR-OBFUSCATION GIF header followed by PDF header (indicator-obfuscation.rules)
 * 1:25456 <-> ENABLED <-> INDICATOR-OBFUSCATION PNG header followed by PDF header (indicator-obfuscation.rules)
 * 1:25457 <-> ENABLED <-> INDICATOR-OBFUSCATION JPEG header followed by PDF header (indicator-obfuscation.rules)
 * 1:25458 <-> ENABLED <-> INDICATOR-OBFUSCATION DOC header followed by PDF header (indicator-obfuscation.rules)
 * 1:25459 <-> ENABLED <-> FILE-PDF Adobe Reader incomplete JP2K image geometry - potentially malicious (file-pdf.rules)
 * 1:25460 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader incomplete JP2K image geometry - potentially malicious (file-pdf.rules)
 * 1:25461 <-> ENABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:25462 <-> ENABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:25463 <-> ENABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:25464 <-> ENABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:25466 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25467 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25468 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25469 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25474 <-> ENABLED <-> SERVER-OTHER Citrix Access Gateway legacy authentication attempt (server-other.rules)
 * 1:25475 <-> ENABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules)
 * 1:255 <-> DISABLED <-> PROTOCOL-DNS dns zone transfer via TCP detected (protocol-dns.rules)
 * 1:2550 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp XM file buffer overflow attempt (file-other.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25512 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.SMSsend variant outbound connection (os-mobile.rules)
 * 1:25527 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules)
 * 1:25528 <-> DISABLED <-> SERVER-WEBAPP Moveable Type unauthenticated remote command execution attempt (server-webapp.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (server-webapp.rules)
 * 1:25535 <-> ENABLED <-> PROTOCOL-SERVICES Cisco Prime Lan Management rsh command execution attempt (protocol-services.rules)
 * 1:25536 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25542 <-> ENABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules)
 * 1:25549 <-> ENABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules)
 * 1:25550 <-> ENABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules)
 * 1:25552 <-> DISABLED <-> SERVER-OTHER Rails JSON to YAML parsing deserialization attempt (server-other.rules)
 * 1:25557 <-> DISABLED <-> SERVER-OTHER RaySharp CCTV derivative command injection attempt (server-other.rules)
 * 1:25562 <-> DISABLED <-> FILE-JAVA Oracle Java obfuscated jar file download attempt (file-java.rules)
 * 1:25563 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (file-pdf.rules)
 * 1:25564 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (file-pdf.rules)
 * 1:25565 <-> DISABLED <-> BROWSER-PLUGINS Oracle AutoVue ActiveX control directory traversal attempt (browser-plugins.rules)
 * 1:25566 <-> DISABLED <-> BROWSER-PLUGINS Oracle AutoVue ActiveX control directory traversal attempt (browser-plugins.rules)
 * 1:25567 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Remote Desktop web access cross site scripting attempt - POST request (os-windows.rules)
 * 1:25581 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25582 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25583 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25584 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25585 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (server-webapp.rules)
 * 1:25587 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:25589 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25592 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated document command - used in IFRAMEr tool injection (indicator-obfuscation.rules)
 * 1:25601 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25603 <-> DISABLED <-> SERVER-OTHER Sybase Open Server TDS login packet stack memory corruption attempt (server-other.rules)
 * 1:25604 <-> DISABLED <-> FILE-IDENTIFY Csound audio file file download request (file-identify.rules)
 * 1:25605 <-> DISABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules)
 * 1:25606 <-> DISABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules)
 * 1:25607 <-> DISABLED <-> FILE-OTHER Csound hetro audio file buffer overflow attempt (file-other.rules)
 * 1:25608 <-> DISABLED <-> FILE-OTHER Csound hetro audio file buffer overflow attempt (file-other.rules)
 * 1:25612 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25615 <-> DISABLED <-> OS-MOBILE Apple iOS 6.x jailbreak download attempt (os-mobile.rules)
 * 1:25616 <-> DISABLED <-> OS-MOBILE Apple iOS 6.x jailbreak download attempt (os-mobile.rules)
 * 1:25617 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25618 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25619 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25620 <-> ENABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules)
 * 1:25621 <-> DISABLED <-> BROWSER-OTHER Opera use after free attempt (browser-other.rules)
 * 1:25622 <-> DISABLED <-> BROWSER-OTHER Opera use after free attempt (browser-other.rules)
 * 1:25628 <-> DISABLED <-> MALWARE-CNC Win.Spy.Banker variant connect to cnc-server (malware-cnc.rules)
 * 1:25630 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:25631 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:25633 <-> DISABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:25644 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25645 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25646 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25647 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25648 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25649 <-> ENABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25650 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
 * 1:25654 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules)
 * 1:25655 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules)
 * 1:25656 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules)
 * 1:25657 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations directory traversal attempt (server-other.rules)
 * 1:25658 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations directory traversal attempt (server-other.rules)
 * 1:25664 <-> DISABLED <-> SERVER-OTHER MiniUPnPd SSDP request buffer overflow attempt (server-other.rules)
 * 1:25768 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules)
 * 1:25771 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer custom cursor file use after free attempt (browser-ie.rules)
 * 1:25772 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (browser-ie.rules)
 * 1:25775 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer pre-line use after free attempt (browser-ie.rules)
 * 1:25776 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos use after free memory corruption attempt (browser-ie.rules)
 * 1:25777 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos use after free memory corruption attempt (browser-ie.rules)
 * 1:25778 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer SVG use after free attempt (browser-ie.rules)
 * 1:25780 <-> ENABLED <-> SERVER-OTHER MiniUPnPd ExecuteSoapAction buffer overflow attempt (server-other.rules)
 * 1:25783 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to char function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:25788 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer iframe use after free attempt (browser-ie.rules)
 * 1:25790 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer compatibility mode invalid memory access attempt (browser-ie.rules)
 * 1:25791 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer compatibility mode invalid memory access attempt (browser-ie.rules)
 * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:25798 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (exploit-kit.rules)
 * 1:25810 <-> ENABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25811 <-> ENABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25812 <-> ENABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25813 <-> ENABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25814 <-> DISABLED <-> FILE-FLASH Adobe Flash Player nested SWF cross domain clickjacking attempt (file-flash.rules)
 * 1:25815 <-> ENABLED <-> FILE-FLASH Adobe Flash Player FLV crafted ADPCM stream heap overflow attempt (file-flash.rules)
 * 1:25816 <-> ENABLED <-> FILE-FLASH Adobe Flash Player FLV crafted ADPCM stream heap overflow attempt (file-flash.rules)
 * 1:25830 <-> ENABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25831 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25832 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25833 <-> ENABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25834 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25835 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules)
 * 1:25836 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Virtuallythere (indicator-compromise.rules)
 * 1:25837 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 IBM (indicator-compromise.rules)
 * 1:25838 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Webmail (indicator-compromise.rules)
 * 1:25839 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Alpha (indicator-compromise.rules)
 * 1:25840 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Email (indicator-compromise.rules)
 * 1:25841 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Lame (indicator-compromise.rules)
 * 1:25842 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 NS (indicator-compromise.rules)
 * 1:25843 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Server (indicator-compromise.rules)
 * 1:25844 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Sur (indicator-compromise.rules)
 * 1:25845 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 AOL (indicator-compromise.rules)
 * 1:25846 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Yahoo (indicator-compromise.rules)
 * 1:25847 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Moon-Night (indicator-compromise.rules)
 * 1:25848 <-> DISABLED <-> INDICATOR-COMPROMISE known malicious SSL certificate - APT1 No-Name (indicator-compromise.rules)
 * 1:25849 <-> ENABLED <-> PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (protocol-scada.rules)
 * 1:2585 <-> DISABLED <-> SERVER-WEBAPP nessus 2.x 404 probe (server-webapp.rules)
 * 1:25850 <-> ENABLED <-> PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (protocol-scada.rules)
 * 1:25851 <-> ENABLED <-> PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (protocol-scada.rules)
 * 1:25852 <-> ENABLED <-> PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (protocol-scada.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:25864 <-> DISABLED <-> OS-MOBILE Android AngryBirdsRioUnlocker initial device info send (os-mobile.rules)
 * 1:25868 <-> DISABLED <-> OS-MOBILE Android.Trojan.Rus.SMS outbound communication attempt (os-mobile.rules)
 * 1:2587 <-> DISABLED <-> PUA-P2P eDonkey server response (pua-p2p.rules)
 * 1:25907 <-> DISABLED <-> SERVER-WEBAPP PHPmyadmin brute force login attempt - User-Agent User-Agent (server-webapp.rules)
 * 1:25969 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:25975 <-> ENABLED <-> POLICY-OTHER Adobe ColdFusion admin interface access attempt (policy-other.rules)
 * 1:25976 <-> ENABLED <-> POLICY-OTHER Adobe ColdFusion admin API access attempt (policy-other.rules)
 * 1:25977 <-> ENABLED <-> POLICY-OTHER Adobe ColdFusion component browser access attempt (policy-other.rules)
 * 1:25983 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:25984 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:25985 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:25986 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:25990 <-> DISABLED <-> MALWARE-CNC Win.Spy.Agent variant connect to cnc-server (malware-cnc.rules)
 * 1:25991 <-> DISABLED <-> MALWARE-CNC Win.Spy.Agent variant connect to cnc-server (malware-cnc.rules)
 * 1:25997 <-> DISABLED <-> OS-MOBILE Android jSMSHider initial encrypted device info send (os-mobile.rules)
 * 1:25998 <-> DISABLED <-> OS-MOBILE Android ADRD encrypted information leak (os-mobile.rules)
 * 1:25999 <-> DISABLED <-> OS-MOBILE Android ADRD encrypted information leak (os-mobile.rules)
 * 1:26015 <-> DISABLED <-> OS-MOBILE Android Lovetrap initial connection (os-mobile.rules)
 * 1:26016 <-> DISABLED <-> OS-MOBILE Android GGTracker server communication (os-mobile.rules)
 * 1:26017 <-> DISABLED <-> OS-MOBILE Android GGTracker leak of device phone number (os-mobile.rules)
 * 1:26018 <-> DISABLED <-> OS-MOBILE Android GGTracker installation call out (os-mobile.rules)
 * 1:26025 <-> ENABLED <-> INDICATOR-COMPROMISE Java user-agent request to svchost.jpg (indicator-compromise.rules)
 * 1:26026 <-> DISABLED <-> OS-MOBILE Android Gmaster device information send (os-mobile.rules)
 * 1:26028 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:26029 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:26030 <-> ENABLED <-> FILE-OTHER Known malicious jar archive download attempt (file-other.rules)
 * 1:26059 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:26060 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:26061 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:26062 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:26063 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file download request (file-identify.rules)
 * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26066 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26067 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26068 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26069 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26072 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Locati variant outbound connection (malware-cnc.rules)
 * 1:26073 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26074 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26077 <-> ENABLED <-> FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript string attempt (file-pdf.rules)
 * 1:26079 <-> DISABLED <-> FILE-PDF PDF file with embedded PDF object (file-pdf.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:26083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26087 <-> DISABLED <-> OS-MOBILE Android GoneIn60Seconds data upload (os-mobile.rules)
 * 1:26089 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:26092 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharCode seen in exploit kit landing pages (indicator-obfuscation.rules)
 * 1:26101 <-> DISABLED <-> INDICATOR-OBFUSCATION String.fromCharCode concatenation (indicator-obfuscation.rules)
 * 1:26102 <-> DISABLED <-> OS-MOBILE Android GoldDream device registration (os-mobile.rules)
 * 1:26103 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules)
 * 1:26104 <-> DISABLED <-> OS-MOBILE Android KMin imei imsi leakage (os-mobile.rules)
 * 1:26105 <-> ENABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules)
 * 1:26109 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:26114 <-> DISABLED <-> OS-MOBILE Android Zitmo trojan intercepted sms upload (os-mobile.rules)
 * 1:26122 <-> DISABLED <-> FILE-OTHER Lattice Semiconductor ispXCF version attribute overflow attempt (file-other.rules)
 * 1:26123 <-> DISABLED <-> FILE-OTHER Lattice Semiconductor ispXCF version attribute overflow attempt (file-other.rules)
 * 1:26124 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (server-webapp.rules)
 * 1:26131 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (server-webapp.rules)
 * 1:26157 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26158 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26159 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26160 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26161 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26162 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26163 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules)
 * 1:26164 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules)
 * 1:26165 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (server-webapp.rules)
 * 1:26166 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (server-webapp.rules)
 * 1:26167 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (server-webapp.rules)
 * 1:26168 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CHTMLEditor use after free attempt (browser-ie.rules)
 * 1:26169 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CHTMLEditor use after free attempt (browser-ie.rules)
 * 1:26170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OneNote 2010 buffer overread info disclosure attempt (file-office.rules)
 * 1:26171 <-> DISABLED <-> FILE-OFFICE Microsoft Office OneNote 2010 buffer overread info disclosure attempt (file-office.rules)
 * 1:26172 <-> ENABLED <-> FILE-FLASH Adobe Flashplayer sortOn heap overflow attempt (file-flash.rules)
 * 1:26173 <-> ENABLED <-> FILE-FLASH Adobe Flashplayer sortOn heap overflow attempt (file-flash.rules)
 * 1:26174 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26176 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules)
 * 1:26177 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules)
 * 1:26180 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Configuration Management Preboot service code overflow attempt (server-other.rules)
 * 1:26181 <-> ENABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (browser-plugins.rules)
 * 1:26182 <-> ENABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (browser-plugins.rules)
 * 1:26183 <-> ENABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (browser-plugins.rules)
 * 1:26184 <-> ENABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (browser-plugins.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26186 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26187 <-> ENABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules)
 * 1:26188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (browser-firefox.rules)
 * 1:26189 <-> DISABLED <-> OS-MOBILE Android YZHC device registration (os-mobile.rules)
 * 1:26190 <-> DISABLED <-> OS-MOBILE Android YZHC device registration (os-mobile.rules)
 * 1:26191 <-> DISABLED <-> SERVER-WEBAPP MobileCartly arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:26192 <-> DISABLED <-> OS-MOBILE Android CruseWind imei leakage (os-mobile.rules)
 * 1:26193 <-> DISABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:26194 <-> DISABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26198 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26199 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26200 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26205 <-> DISABLED <-> OS-MOBILE Android Fakenetflix email password upload (os-mobile.rules)
 * 1:26206 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file download request (file-identify.rules)
 * 1:26207 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules)
 * 1:26208 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules)
 * 1:26209 <-> ENABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26210 <-> ENABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26231 <-> DISABLED <-> FILE-PDF PDF version 1.1 with FlateDecode embedded - seen in exploit kits (file-pdf.rules)
 * 1:26241 <-> DISABLED <-> BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:26242 <-> ENABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26243 <-> ENABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26246 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.PremiumSMS APK file download attempt (os-mobile.rules)
 * 1:26247 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.PremiumSMS APK file download attempt (os-mobile.rules)
 * 1:26250 <-> DISABLED <-> BROWSER-PLUGINS Google Apps mailto URI argument injection attempt (browser-plugins.rules)
 * 1:26258 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:26259 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:26262 <-> DISABLED <-> SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (server-other.rules)
 * 1:26263 <-> DISABLED <-> SERVER-WEBAPP Wordpress wp-banners-lite plugin cross site scripting attempt (server-webapp.rules)
 * 1:26272 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Chuli APK file download attempt (os-mobile.rules)
 * 1:26273 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.Chuli APK file download attempt (os-mobile.rules)
 * 1:26274 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:26275 <-> DISABLED <-> SERVER-WEBAPP DD-WRT httpd cgi-bin remote command execution attempt (server-webapp.rules)
 * 1:26276 <-> DISABLED <-> SERVER-WEBAPP Linksys E1500/E2500 apply.cgi multiple vulnerabilities attempt (server-webapp.rules)
 * 1:26277 <-> DISABLED <-> SERVER-WEBAPP Linksys E1500/E2500 apply.cgi multiple vulnerabilities attempt (server-webapp.rules)
 * 1:26278 <-> DISABLED <-> SERVER-WEBAPP Linksys E1500/E2500 apply.cgi unauthenticated password reset attempt (server-webapp.rules)
 * 1:26279 <-> DISABLED <-> SERVER-WEBAPP Linksys E1500/E2500 unauthenticated password reset attempt (server-webapp.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26290 <-> DISABLED <-> OS-MOBILE Android ANDR.Trojan.RootSmart outbound communication attempt (os-mobile.rules)
 * 1:26291 <-> DISABLED <-> OS-MOBILE Android Ksapp device registration (os-mobile.rules)
 * 1:26294 <-> ENABLED <-> FILE-OTHER Watering Hole Campaign applet download (file-other.rules)
 * 1:26295 <-> ENABLED <-> FILE-OTHER Watering Hole Campaign applet download (file-other.rules)
 * 1:26299 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26300 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:26301 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26302 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26303 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26304 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:26305 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26306 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26307 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26308 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:26309 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26310 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26311 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26312 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:26313 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26314 <-> DISABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:26315 <-> DISABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:26316 <-> DISABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:26317 <-> DISABLED <-> FILE-MULTIMEDIA Cool Player Plus M3U buffer overflow attempt (file-multimedia.rules)
 * 1:26318 <-> DISABLED <-> FILE-MULTIMEDIA Cool Player Plus M3U buffer overflow attempt (file-multimedia.rules)
 * 1:26320 <-> DISABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (server-webapp.rules)
 * 1:26324 <-> DISABLED <-> PROTOCOL-DNS ISC BIND NAPTR record regular expression handling denial of service attempt (protocol-dns.rules)
 * 1:26329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:26330 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:26333 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26334 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26336 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules)
 * 1:26340 <-> DISABLED <-> FILE-OTHER Corel WordPerfect document parsing buffer overflow attempt (file-other.rules)
 * 1:26352 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated portable executable - seen in exploit kits (indicator-obfuscation.rules)
 * 1:26354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer expression clause in style tag cross site scripting attempt (browser-ie.rules)
 * 1:26355 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26356 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26357 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26358 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26359 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26360 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26361 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26362 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26363 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26364 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26365 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26372 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26373 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26374 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26378 <-> ENABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules)