sid-msg.map

snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具

720 || Virus - SnowWhite Trojan Incoming
721 || VIRUS OUTBOUND bad file attachment
722 || Virus - Possible NAVIDAD Worm
723 || Virus - Possible MyRomeo Worm
724 || Virus - Possible MyRomeo Worm
725 || Virus - Possible MyRomeo Worm
726 || Virus - Possible MyRomeo Worm
727 || Virus - Possible MyRomeo Worm
728 || Virus - Possible MyRomeo Worm
729 || VIRUS OUTBOUND .scr file attachment
730 || VIRUS OUTBOUND .shs file attachment
731 || Virus - Possible QAZ Worm || MCAFEE,98775
732 || Virus - Possible QAZ Worm Infection || MCAFEE,98775
733 || Virus - Possible QAZ Worm Calling Home || MCAFEE,98775
734 || Virus - Possible Matrix worm
735 || Virus - Possible MyRomeo Worm
736 || Virus - Successful eurocalculator execution
737 || Virus - Possible eurocalculator.exe file
738 || Virus - Possible Pikachu Pokemon Virus || MCAFEE,98696
739 || Virus - Possible Triplesix Worm || MCAFEE,10389
740 || Virus - Possible Tune.vbs || MCAFEE,10497
741 || Virus - Possible NAIL Worm || MCAFEE,10109
742 || Virus - Possible NAIL Worm || MCAFEE,10109
743 || Virus - Possible NAIL Worm || MCAFEE,10109
744 || Virus - Possible NAIL Worm || MCAFEE,10109
745 || Virus - Possible Papa Worm || MCAFEE,10145
746 || Virus - Possible Freelink Worm || MCAFEE,10225
747 || Virus - Possible Simbiosis Worm
748 || Virus - Possible BADASS Worm || MCAFEE,10388
749 || Virus - Possible ExploreZip.B Worm || MCAFEE,10471
751 || Virus - Possible wscript.KakWorm || MCAFEE,10509
752 || Virus Possible Suppl Worm || MCAFEE,10361
753 || Virus - Possible NewApt.Worm - theobbq.exe || MCAFEE,10540
754 || Virus - Possible Word Macro - VALE || MCAFEE,10502
755 || Virus - Possible IROK Worm || MCAFEE,98552
756 || Virus - Possible Fix2001 Worm || MCAFEE,10355
757 || Virus - Possible Y2K Zelu Trojan || MCAFEE,10505
758 || Virus - Possible The_Fly Trojan || MCAFEE,10478
759 || Virus - Possible Word Macro - VALE || MCAFEE,10502
760 || Virus - Possible Passion Worm || MCAFEE,10467
761 || Virus - Possible NewApt.Worm - cooler3.exe || MCAFEE,10540
762 || Virus - Possible NewApt.Worm - party.exe || MCAFEE,10540
763 || Virus - Possible NewApt.Worm - hog.exe || MCAFEE,10540
764 || Virus - Possible NewApt.Worm - goal1.exe || MCAFEE,10540
765 || Virus - Possible NewApt.Worm - pirate.exe || MCAFEE,10540
766 || Virus - Possible NewApt.Worm - video.exe || MCAFEE,10540
767 || Virus - Possible NewApt.Worm - baby.exe || MCAFEE,10540
768 || Virus - Possible NewApt.Worm - cooler1.exe || MCAFEE,10540
769 || Virus - Possible NewApt.Worm - boss.exe || MCAFEE,10540
770 || Virus - Possible NewApt.Worm - g-zilla.exe || MCAFEE,10540
771 || Virus - Possible ToadieE-mail Trojan || MCAFEE,10540
772 || Virus - Possible PrettyPark Trojan || MCAFEE,10175
773 || Virus - Possible Happy99 Virus || MCAFEE,10144
774 || Virus - Possible CheckThis Trojan
775 || Virus - Possible Bubbleboy Worm || MCAFEE,10418
776 || Virus - Possible NewApt.Worm - copier.exe || MCAFEE,10540
777 || Virus - Possible MyPics Worm || MCAFEE,10467
778 || Virus - Possible Babylonia - X-MAS.exe || MCAFEE,10461
779 || Virus - Possible NewApt.Worm - gadget.exe || MCAFEE,10540
780 || Virus - Possible NewApt.Worm - irnglant.exe || MCAFEE,10540
781 || Virus - Possible NewApt.Worm - casper.exe || MCAFEE,10540
782 || Virus - Possible NewApt.Worm - fborfw.exe || MCAFEE,10540
783 || Virus - Possible NewApt.Worm - saddam.exe || MCAFEE,10540
784 || Virus - Possible NewApt.Worm - bboy.exe || MCAFEE,10540
785 || Virus - Possible NewApt.Worm - monica.exe || MCAFEE,10540
786 || Virus - Possible NewApt.Worm - goal.exe || MCAFEE,10540
787 || Virus - Possible NewApt.Worm - panther.exe || MCAFEE,10540
788 || Virus - Possible NewApt.Worm - chestburst.exe || MCAFEE,10540
789 || Virus - Possible NewApt.Worm - farter.exe || MCAFEE,1054
790 || Virus - Possible Common Sense Worm
791 || Virus - Possible NewApt.Worm - cupid2.exe || MCAFEE,10540
792 || Virus - Possible Resume Worm || MCAFEE,98661
793 || VIRUS OUTBOUND .vbs file attachment
794 || Virus - Possible Resume Worm || MCAFEE,98661
795 || Virus - Possible Worm -  txt.vbs file
796 || Virus - Possible Worm - xls.vbs file
797 || Virus - Possible Worm - jpg.vbs file
798 || Virus - Possible Worm -  gif.vbs file
799 || Virus - Possible Timofonica Worm || MCAFEE,98674
800 || Virus - Possible Resume Worm || MCAFEE,98661
801 || Virus - Possible Worm - doc.vbs file
802 || Virus - Possbile Zipped Files Trojan || MCAFEE,10450
803 || WEB-CGI HyperSeek hsx.cgi directory traversal attempt || bugtraq,2314 || cve,2001-0253 || nessus,10602
804 || WEB-CGI SWSoft ASPSeek Overflow attempt || bugtraq,2492 || cve,2001-0476
805 || WEB-CGI webspeed access || arachnids,467 || bugtraq,969 || cve,2000-0127 || nessus,10304
806 || WEB-CGI yabb directory traversal attempt || arachnids,462 || bugtraq,1668 || cve,2000-0853
807 || WEB-CGI /wwwboard/passwd.txt access || arachnids,463 || bugtraq,649 || cve,1999-0953 || cve,1999-0954 || nessus,10321
808 || WEB-CGI webdriver access || arachnids,473 || bugtraq,2166 || nessus,10592
809 || WEB-CGI whois_raw.cgi arbitrary command execution attempt || arachnids,466 || bugtraq,304 || cve,1999-1063 || nessus,10306
810 || WEB-CGI whois_raw.cgi access || arachnids,466 || bugtraq,304 || cve,1999-1063 || nessus,10306
811 || WEB-CGI websitepro path access || arachnids,468 || bugtraq,932 || cve,2000-0066
812 || WEB-CGI webplus version access || arachnids,470 || bugtraq,1102 || cve,2000-0282
813 || WEB-CGI webplus directory traversal || arachnids,471 || bugtraq,1102 || cve,2000-0282
815 || WEB-CGI websendmail access || arachnids,469 || bugtraq,2077 || cve,1999-0196 || nessus,10301
817 || WEB-CGI dcboard.cgi invalid user addition attempt || bugtraq,2728 || cve,2001-0527 || nessus,10583
818 || WEB-CGI dcforum.cgi access || bugtraq,2728 || cve,2001-0527 || nessus,10583
819 || WEB-CGI mmstdod.cgi access || bugtraq,2063 || cve,2001-0021 || nessus,10566
820 || WEB-CGI anaconda directory transversal attempt || bugtraq,2338 || bugtraq,2388 || cve,2000-0975 || cve,2001-0308
821 || WEB-CGI imagemap.exe overflow attempt || arachnids,412 || bugtraq,739 || cve,1999-0951 || nessus,10122
823 || WEB-CGI cvsweb.cgi access || bugtraq,1469 || cve,2000-0670 || nessus,10465
824 || WEB-CGI php.cgi access || arachnids,232 || bugtraq,2250 || bugtraq,712 || cve,1999-0238 || cve,1999-058 || nessus,10178
825 || WEB-CGI glimpse access || bugtraq,2026 || cve,1999-0147 || nessus,10095
826 || WEB-CGI htmlscript access || bugtraq,2001 || cve,1999-0264 || nessus,10106
827 || WEB-CGI info2www access || bugtraq,1995 || cve,1999-0266 || nessus,10127
828 || WEB-CGI maillist.pl access
829 || WEB-CGI nph-test-cgi access || arachnids,224 || bugtraq,686 || cve,1999-0045 || nessus,10165
830 || WEB-CGI NPH-publish access || cve,1999-1177 || nessus,10164
832 || WEB-CGI perl.exe access || arachnids,219 || cve,1999-0509 || nessus,10173 || url,www.cert.org/advisories/CA-1996-11.html
833 || WEB-CGI rguest.exe access || bugtraq,2024 || cve,1999-0287 || cve,1999-0467
834 || WEB-CGI rwwwshell.pl access || url,www.itsecurity.com/papers/p37.htm
835 || WEB-CGI test-cgi access || arachnids,218 || bugtraq,2003 || cve,1999-0070 || nessus,10282
836 || WEB-CGI textcounter.pl access || bugtraq,2265 || cve,1999-1479 || nessus,11451
837 || WEB-CGI uploader.exe access || bugtraq,1611 || cve,1999-0177 || cve,2000-0769 || nessus,10291
838 || WEB-CGI webgais access || arachnids,472 || bugtraq,2058 || cve,1999-0176 || nessus,10300
839 || WEB-CGI finger access || arachnids,221 || cve,1999-0612 || nessus,10071
840 || WEB-CGI perlshop.cgi access || cve,1999-1374
841 || WEB-CGI pfdisplay.cgi access || bugtraq,64 || cve,1999-0270 || nessus,10174
842 || WEB-CGI aglimpse access || bugtraq,2026 || cve,1999-0147 || nessus,10095
843 || WEB-CGI anform2 access || arachnids,225 || bugtraq,719 || cve,1999-0066
844 || WEB-CGI args.bat access || cve,1999-1180 || nessus,11465
845 || WEB-CGI AT-admin.cgi access || cve,1999-1072
846 || WEB-CGI bnbform.cgi access || bugtraq,2147 || cve,1999-0937
847 || WEB-CGI campas access || bugtraq,1975 || cve,1999-0146 || nessus,10035
848 || WEB-CGI view-source directory traversal || bugtraq,2251 || bugtraq,8883 || cve,1999-0174
849 || WEB-CGI view-source access || bugtraq,2251 || bugtraq,8883 || cve,1999-0174
850 || WEB-CGI wais.pl access
851 || WEB-CGI files.pl access || cve,1999-1081
852 || WEB-CGI wguest.exe access || bugtraq,2024 || cve,1999-0287 || cve,1999-0467
853 || WEB-CGI wrap access || arachnids,234 || bugtraq,373 || cve,1999-0149 || nessus,10317
854 || WEB-CGI classifieds.cgi access || bugtraq,2020 || cve,1999-0934
855 || WEB-CGI edit.pl access || bugtraq,2713
856 || WEB-CGI environ.cgi access
857 || WEB-CGI faxsurvey access || bugtraq,2056 || cve,1999-0262 || nessus,10067
858 || WEB-CGI filemail access || cve,1999-1154
859 || WEB-CGI man.sh access || bugtraq,2276 || cve,1999-1179
860 || WEB-CGI snork.bat access || arachnids,220 || bugtraq,1053 || cve,2000-0169
861 || WEB-CGI w3-msql access || arachnids,210 || bugtraq,591 || bugtraq,898 || cve,1999-0276 || cve,1999-0753 || cve,2000-0012 || nessus,10296
862 || WEB-CGI csh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
863 || WEB-CGI day5datacopier.cgi access || cve,1999-1232
864 || WEB-CGI day5datanotifier.cgi access || cve,1999-1232
865 || WEB-CGI ksh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
866 || WEB-CGI post-query access || bugtraq,6752 || cve,2001-0291
867 || WEB-CGI visadmin.exe access || bugtraq,1808 || cve,1999-0970 || cve,1999-1970 || nessus,10295
868 || WEB-CGI rsh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
869 || WEB-CGI dumpenv.pl access || cve,1999-1178 || nessus,10060
870 || WEB-CGI snorkerz.cmd access
871 || WEB-CGI survey.cgi access || bugtraq,1817 || cve,1999-0936
872 || WEB-CGI tcsh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
873 || WEB-CGI scriptalias access || arachnids,227 || bugtraq,2300 || cve,1999-0236
874 || WEB-CGI w3-msql solaris x86  access || arachnids,211 || cve,1999-0276
875 || WEB-CGI win-c-sample.exe access || arachnids,231 || bugtraq,2078 || cve,1999-0178 || nessus,10008
877 || WEB-CGI rksh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
878 || WEB-CGI w3tvars.pm access
879 || WEB-CGI admin.pl access || bugtraq,3839 || url,online.securityfocus.com/archive/1/249355
880 || WEB-CGI LWGate access || url,www.netspace.org/~dwb/lwgate/lwgate-history.html || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm
881 || WEB-CGI archie access
882 || WEB-CGI calendar access
883 || WEB-CGI flexform access || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm
884 || WEB-CGI formmail access || arachnids,226 || bugtraq,1187 || bugtraq,2079 || cve,1999-0172 || cve,2000-0411 || nessus,10076 || nessus,10782
885 || WEB-CGI bash access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html
886 || WEB-CGI phf access || arachnids,128 || bugtraq,629 || cve,1999-0067
887 || WEB-CGI www-sql access || url,marc.theaimsgroup.com/?l=bugtraq&m=88704258804054&w=2
888 || WEB-CGI wwwadmin.pl access
889 || WEB-CGI ppdscgi.exe access || bugtraq,491 || nessus,10187 || url,online.securityfocus.com/archive/1/16878
890 || WEB-CGI sendform.cgi access || bugtraq,5286 || cve,2002-0710 || url,www.scn.org/help/sendform.txt
891 || WEB-CGI upload.pl access
892 || WEB-CGI AnyForm2 access || bugtraq,719 || cve,1999-0066 || nessus,10277
893 || WEB-CGI MachineInfo access || cve,1999-1067
894 || WEB-CGI bb-hist.sh access || bugtraq,142 || cve,1999-1462 || nessus,10025
895 || WEB-CGI redirect access || bugtraq,1179 || cve,2000-0382
896 || WEB-CGI way-board access || bugtraq,2370 || cve,2001-0214 || nessus,10610
897 || WEB-CGI pals-cgi access || bugtraq,2372 || cve,2001-0216 || cve,2001-0217 || nessus,10611
898 || WEB-CGI commerce.cgi access || bugtraq,2361 || cve,2001-0210 || nessus,10612
899 || WEB-CGI Amaya templates sendtemp.pl directory traversal attempt || bugtraq,2504 || cve,2001-0272
900 || WEB-CGI webspirs.cgi directory traversal attempt || bugtraq,2362 || cve,2001-0211 || nessus,10616
901 || WEB-CGI webspirs.cgi access || bugtraq,2362 || cve,2001-0211 || nessus,10616
902 || WEB-CGI tstisapi.dll access || bugtraq,2381 || cve,2001-0302
903 || WEB-COLDFUSION cfcache.map access || bugtraq,917 || cve,2000-0057
904 || WEB-COLDFUSION exampleapp application.cfm || bugtraq,1021 || cve,2000-0189
905 || WEB-COLDFUSION application.cfm access || bugtraq,1021 || cve,2000-0189
906 || WEB-COLDFUSION getfile.cfm access || bugtraq,229 || cve,1999-0800
907 || WEB-COLDFUSION addcontent.cfm access
908 || WEB-COLDFUSION administrator access || bugtraq,1314 || cve,2000-0538
909 || WEB-COLDFUSION datasource username attempt || bugtraq,550
910 || WEB-COLDFUSION fileexists.cfm access || bugtraq,550
911 || WEB-COLDFUSION exprcalc access || bugtraq,115 || bugtraq,550 || cve,1999-0455
912 || WEB-COLDFUSION parks access || bugtraq,550
913 || WEB-COLDFUSION cfappman access || bugtraq,550
914 || WEB-COLDFUSION beaninfo access || bugtraq,550
915 || WEB-COLDFUSION evaluate.cfm access || bugtraq,550
916 || WEB-COLDFUSION getodbcdsn access || bugtraq,550
917 || WEB-COLDFUSION db connections flush attempt || bugtraq,550
918 || WEB-COLDFUSION expeval access || bugtraq,550 || cve,1999-0477
919 || WEB-COLDFUSION datasource passwordattempt || bugtraq,550
920 || WEB-COLDFUSION datasource attempt || bugtraq,550
921 || WEB-COLDFUSION admin encrypt attempt || bugtraq,550
922 || WEB-COLDFUSION displayfile access || bugtraq,550
923 || WEB-COLDFUSION getodbcin attempt || bugtraq,550