sql.rules

This is the snapshot of Snot Latest Rules

# Autogenerated skeleton rules file.  Do NOT edit by hand
alert tcp $EXTERNAL_NET $HTTP_PORTS <> $HOME_NET any (msg:"SQL Microsoft SQL Server Backup Database File integer overflow attempt"; sid:13888; gid:3; rev:1; classtype:attempted-admin; reference:cve,2008-0107; reference:url,www.microsoft.com/technet/security/bulletin/MS08-040.mspx; metadata: engine shared, soid 3|13888, policy balanced-ips drop, policy security-ips drop;)
alert tcp $EXTERNAL_NET $HTTP_PORTS <> $HOME_NET any (msg:"SQL Microsoft SQL Server Backup Database File integer overflow attempt"; sid:13889; gid:3; rev:1; classtype:attempted-admin; reference:cve,2008-0107; reference:url,www.microsoft.com/technet/security/bulletin/MS08-040.mspx; metadata: engine shared, soid 3|13889, policy balanced-ips drop, policy security-ips drop;)
alert tcp $EXTERNAL_NET $HTTP_PORTS <> $HOME_NET any (msg:"SQL Microsoft SQL Server Backup Database File integer overflow attempt"; sid:13890; gid:3; rev:1; classtype:attempted-admin; reference:cve,2008-0107; reference:url,www.microsoft.com/technet/security/bulletin/MS08-040.mspx; metadata: engine shared, soid 3|13890, policy balanced-ips drop, policy security-ips drop;)
alert tcp $EXTERNAL_NET any <> $SQL_SERVERS 1433 (msg:"MS-SQL Memory page overwrite attempt"; sid:13891; gid:3; rev:1; classtype:attempted-admin; reference:cve,2008-0106; reference:url,www.microsoft.com/technet/security/bulletin/MS08-040.mspx; metadata: engine shared, soid 3|13891, policy balanced-ips drop, policy security-ips drop;)
alert tcp $EXTERNAL_NET any <> $SQL_SERVERS 1433 (msg:"SQL Convert function style overwrite"; sid:13892; gid:3; rev:1; classtype:attempted-admin; reference:cve,2008-0086; reference:url,www.microsoft.com/technet/security/bulletin/MS08-040.mspx; metadata: engine shared, soid 3|13892, policy balanced-ips drop, policy security-ips drop;)