sid-msg.map

snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具

924 || WEB-COLDFUSION admin decrypt attempt || bugtraq,550
925 || WEB-COLDFUSION mainframeset access || bugtraq,550
926 || WEB-COLDFUSION set odbc ini attempt || bugtraq,550
927 || WEB-COLDFUSION settings refresh attempt || bugtraq,550
928 || WEB-COLDFUSION exampleapp access
929 || WEB-COLDFUSION CFUSION_VERIFYMAIL access || bugtraq,550
930 || WEB-COLDFUSION snippets attempt || bugtraq,550
931 || WEB-COLDFUSION cfmlsyntaxcheck.cfm access || bugtraq,550
932 || WEB-COLDFUSION application.cfm access || arachnids,268 || bugtraq,550 || cve,2000-0189
933 || WEB-COLDFUSION onrequestend.cfm access || arachnids,269 || bugtraq,550 || cve,2000-0189
935 || WEB-COLDFUSION startstop DOS access || bugtraq,247
936 || WEB-COLDFUSION gettempdirectory.cfm access  || bugtraq,550
937 || WEB-FRONTPAGE _vti_rpc access || bugtraq,2144 || cve,2001-0096 || nessus,10585
939 || WEB-FRONTPAGE posting || bugtraq,2144 || cve,2001-0096 || nessus,10585 || url,www.microsoft.com/technet/security/bulletin/MS00-100.mspx
940 || WEB-FRONTPAGE shtml.dll access || arachnids,292 || bugtraq,1174 || bugtraq,1594 || bugtraq,1595 || cve,2000-0413 || cve,2000-0746 || nessus,11395 || url,www.microsoft.com/technet/security/bulletin/ms00-060.mspx
941 || WEB-FRONTPAGE contents.htm access
942 || WEB-FRONTPAGE orders.htm access
943 || WEB-FRONTPAGE fpsrvadm.exe access
944 || WEB-FRONTPAGE fpremadm.exe access
945 || WEB-FRONTPAGE fpadmin.htm access
946 || WEB-FRONTPAGE fpadmcgi.exe access
947 || WEB-FRONTPAGE orders.txt access
948 || WEB-FRONTPAGE form_results access || cve,1999-1052
949 || WEB-FRONTPAGE registrations.htm access
950 || WEB-FRONTPAGE cfgwiz.exe access
951 || WEB-FRONTPAGE authors.pwd access || bugtraq,989 || cve,1999-0386 || nessus,10078
952 || WEB-FRONTPAGE author.exe access
953 || WEB-FRONTPAGE administrators.pwd access || bugtraq,1205
954 || WEB-FRONTPAGE form_results.htm access || cve,1999-1052
955 || WEB-FRONTPAGE access.cnf access || bugtraq,4078 || nessus,10575
956 || WEB-FRONTPAGE register.txt access
957 || WEB-FRONTPAGE registrations.txt access
958 || WEB-FRONTPAGE service.cnf access || bugtraq,4078 || nessus,10575
959 || WEB-FRONTPAGE service.pwd || bugtraq,1205
960 || WEB-FRONTPAGE service.stp access
961 || WEB-FRONTPAGE services.cnf access || bugtraq,4078 || nessus,10575
962 || WEB-FRONTPAGE shtml.exe access || bugtraq,1174 || bugtraq,1608 || bugtraq,5804 || cve,2000-0413 || cve,2000-0709 || cve,2002-0692 || nessus,10405 || nessus,11311
963 || WEB-FRONTPAGE svcacl.cnf access || bugtraq,4078 || nessus,10575
964 || WEB-FRONTPAGE users.pwd access
965 || WEB-FRONTPAGE writeto.cnf access || bugtraq,4078 || nessus,10575
966 || WEB-FRONTPAGE .... request || arachnids,248 || bugtraq,989 || cve,1999-0386 || cve,2000-0153 || nessus,10142
967 || WEB-FRONTPAGE dvwssr.dll access || arachnids,271 || bugtraq,1108 || bugtraq,1109 || cve,2000-0260 || url,www.microsoft.com/technet/security/bulletin/ms00-025.mspx
968 || WEB-FRONTPAGE register.htm access
969 || WEB-IIS WebDAV file lock attempt || bugtraq,2736
970 || WEB-IIS multiple decode attempt || bugtraq,2708 || cve,2001-0333 || nessus,10671
971 || WEB-IIS ISAPI .printer access || arachnids,533 || bugtraq,2674 || cve,2001-0241 || nessus,10661 || url,www.microsoft.com/technet/security/bulletin/MS01-023.mspx
972 || WEB-IIS %2E-asp access || bugtraq,1814 || cve,1999-0253
973 || WEB-IIS *.idc attempt || bugtraq,1448 || cve,1999-0874 || cve,2000-0661
974 || WEB-IIS Directory transversal attempt || bugtraq,2218 || cve,1999-0229
975 || WEB-IIS Alternate Data streams ASP file access attempt || bugtraq,149 || cve,1999-0278 || nessus,10362 || url,support.microsoft.com/default.aspx?scid=kb\
976 || WEB-IIS .bat? access || bugtraq,2023 || cve,1999-0233 || url,support.microsoft.com/support/kb/articles/Q148/1/88.asp || url,support.microsoft.com/support/kb/articles/Q155/0/56.asp
977 || WEB-IIS .cnf access || bugtraq,4078 || nessus,10575
978 || WEB-IIS ASP contents view || bugtraq,1084 || cve,2000-0302 || nessus,10356 || url,www.microsoft.com/technet/security/bulletin/MS00-006.mspx
979 || WEB-IIS ASP contents view || bugtraq,1861 || cve,2000-0942 || url,www.microsoft.com/technet/security/bulletin/MS00-006.mspx
980 || WEB-IIS CGImail.exe access || bugtraq,1623 || cve,2000-0726
981 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537
982 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537
983 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537
984 || WEB-IIS JET VBA access || bugtraq,307 || cve,1999-0874 || nessus,10116
985 || WEB-IIS JET VBA access || bugtraq,286 || cve,1999-0874
986 || WEB-IIS MSProxy access || url,support.microsoft.com/?kbid=331066
987 || WEB-IIS .htr access || bugtraq,1488 || cve,2000-0630 || nessus,10680
988 || WEB-IIS SAM Attempt || url,www.ciac.org/ciac/bulletins/h-45.shtml
989 || BACKDOOR sensepost.exe command shell attempt || nessus,11003
990 || WEB-FRONTPAGE _vti_inf.html access || nessus,11455
991 || WEB-IIS achg.htr access || bugtraq,2110 || cve,1999-0407
992 || WEB-IIS adctest.asp access
993 || WEB-IIS iisadmin access || bugtraq,189 || cve,1999-1538 || nessus,11032
994 || WEB-IIS /scripts/iisadmin/default.htm access
995 || WEB-IIS ism.dll access || bugtraq,189 || cve,1999-1538 || cve,2000-0630
996 || WEB-IIS anot.htr access || bugtraq,2110 || cve,1999-0407
997 || WEB-IIS asp-dot attempt || bugtraq,1814 || nessus,10363
998 || WEB-IIS asp-srch attempt
999 || WEB-IIS bdir access || bugtraq,2280
1000 || WEB-IIS bdir.htr access || bugtraq,2280 || nessus,10577
1001 || WEB-MISC carbo.dll access || bugtraq,2126 || cve,1999-1069
1002 || WEB-IIS cmd.exe access
1003 || WEB-IIS cmd? access
1004 || WEB-IIS codebrowser Exair access || cve,1999-0499 || cve,1999-0815
1005 || WEB-IIS codebrowser SDK access || bugtraq,167 || cve,1999-0736
1007 || WEB-IIS cross-site scripting attempt || bugtraq,119 || bugtraq,1594 || bugtraq,1595 || cve,2000-0746 || cve,2000-1104 || nessus,10572 || url,www.microsoft.com/technet/security/bulletin/MS00-028.mspx
1008 || WEB-IIS del attempt
1009 || WEB-IIS directory listing || nessus,10573
1010 || WEB-IIS encoding access || arachnids,200 || bugtraq,886 || cve,2000-0024 || url,http//www.microsoft.com/technet/security/bulletin/MS99-061.mspx
1011 || WEB-IIS exec-src access
1012 || WEB-IIS fpcount attempt || bugtraq,2252 || cve,1999-1376
1013 || WEB-IIS fpcount access || bugtraq,2252 || cve,1999-1376
1015 || WEB-IIS getdrvs.exe access
1016 || WEB-IIS global.asa access || cve,2000-0778 || nessus,10491 || nessus,10991
1017 || WEB-IIS idc-srch attempt || cve,1999-0874
1018 || WEB-IIS iisadmpwd attempt || bugtraq,2110 || cve,1999-0407
1019 || IIS Malformed Hit-Highlighting Argument File Access Attempt || bugtraq,950 || cve,2000-0097 || url,www.microsoft.com/technet/security/bulletin/ms00-006.mspx || url,www.securityfocus.com/archive/1/43762
1020 || WEB-IIS isc$data attempt || bugtraq,307 || cve,1999-0874 || nessus,10116
1021 || WEB-IIS ism.dll attempt || bugtraq,1193 || cve,2000-0457 || nessus,10680 || url,www.microsoft.com/technet/security/bulletin/MS00-031.mspx
1022 || WEB-IIS jet vba access || bugtraq,286 || cve,1999-0874
1023 || WEB-IIS msadcs.dll access || bugtraq,529 || cve,1999-1011 || nessus,10357
1024 || WEB-IIS newdsn.exe access || bugtraq,1818 || cve,1999-0191 || nessus,10360
1025 || WEB-IIS perl access
1026 || WEB-IIS perl-browse newline attempt || bugtraq,6833
1027 || WEB-IIS perl-browse space attempt || bugtraq,6833
1028 || WEB-IIS query.asp access || bugtraq,193 || cve,1999-0449
1029 || WEB-IIS scripts-browse access || nessus,11032
1030 || WEB-IIS search97.vts access || bugtraq,162
1031 || WEB-IIS /SiteServer/Publishing/viewcode.asp access || nessus,10576
1032 || WEB-IIS showcode access || nessus,10576
1033 || WEB-IIS showcode access || nessus,10576
1034 || WEB-IIS showcode access || nessus,10576
1035 || WEB-IIS showcode access || nessus,10576
1036 || WEB-IIS showcode access || nessus,10576
1037 || WEB-IIS showcode.asp access || bugtraq,167 || cve,1999-0736 || nessus,10007 || url,www.microsoft.com/technet/security/bulletin/MS99-013.mspx
1038 || WEB-IIS site server config access || bugtraq,256 || cve,1999-1520
1039 || WEB-IIS srch.htm access
1040 || WEB-IIS srchadm access || nessus,11032
1041 || WEB-IIS uploadn.asp access || bugtraq,1811 || cve,1999-0360
1042 || WEB-IIS view source via translate header || arachnids,305 || bugtraq,1578 || cve,2000-0778
1043 || WEB-IIS viewcode.asp access || cve,1999-0737 || nessus,10576
1044 || WEB-IIS webhits access || arachnids,237 || bugtraq,950 || cve,2000-0097
1045 || WEB-IIS Unauthorized IP Access Attempt
1046 || WEB-IIS site/iisamples access || nessus,10370
1047 || WEB-MISC Netscape Enterprise DOS || bugtraq,2294 || cve,2001-0251
1048 || WEB-MISC Netscape Enterprise directory listing attempt || bugtraq,2285 || cve,2001-0250
1049 || WEB-MISC iPlanet ../../ DOS attempt || bugtraq,2282 || cve,2001-0252
1050 || WEB-MISC iPlanet GETPROPERTIES attempt || bugtraq,2732 || cve,2001-0746
1051 || WEB-CGI technote main.cgi file directory traversal attempt || bugtraq,2156 || cve,2001-0075 || nessus,10584
1052 || WEB-CGI technote print.cgi directory traversal attempt || bugtraq,2156 || cve,2001-0075 || nessus,10584
1053 || WEB-CGI ads.cgi command execution attempt || bugtraq,2103 || cve,2001-0025 || nessus,11464
1054 || WEB-MISC weblogic/tomcat .jsp view source attempt || bugtraq,2527
1055 || WEB-MISC Tomcat directory traversal attempt || bugtraq,2518
1056 || WEB-MISC Tomcat view source attempt || bugtraq,2527 || cve,2001-0590
1057 || WEB-MISC ftp attempt
1058 || WEB-MISC xp_enumdsn attempt
1059 || WEB-MISC xp_filelist attempt
1060 || WEB-MISC xp_availablemedia attempt
1061 || WEB-MISC xp_cmdshell attempt
1062 || WEB-MISC nc.exe attempt
1064 || WEB-MISC wsh attempt
1065 || WEB-MISC rcmd attempt
1066 || WEB-MISC telnet attempt
1067 || WEB-MISC net attempt
1068 || WEB-MISC tftp attempt
1069 || WEB-MISC xp_regread attempt
1070 || WEB-MISC WebDAV search access || arachnids,474 || bugtraq,1756 || cve,2000-0951
1071 || WEB-MISC .htpasswd access
1072 || WEB-MISC Lotus Domino directory traversal || bugtraq,2173 || cve,2001-0009 || nessus,12248
1073 || WEB-MISC webhits.exe access || bugtraq,950 || cve,2000-0097
1075 || WEB-IIS postinfo.asp access || bugtraq,1811 || cve,1999-0360
1076 || WEB-IIS repost.asp access || nessus,10372
1077 || WEB-MISC queryhit.htm access || nessus,10370
1078 || WEB-MISC counter.exe access || bugtraq,267 || cve,1999-1030
1079 || WEB-MISC WebDAV propfind access || bugtraq,1656 || cve,2000-0869
1080 || WEB-MISC unify eWave ServletExec upload || bugtraq,1868 || bugtraq,1876 || cve,2000-1024 || cve,2000-1025 || nessus,10570
1081 || WEB-MISC Netscape Servers suite DOS || bugtraq,1868 || cve,2000-1025
1082 || WEB-MISC amazon 1-click cookie theft || bugtraq,1194 || cve,2000-0439
1083 || WEB-MISC unify eWave ServletExec DOS || bugtraq,1868 || cve,2000-1025
1084 || WEB-MISC Allaire JRUN DOS attempt || bugtraq,2337 || cve,2000-1049
1085 || WEB-PHP strings overflow || arachnids,431 || bugtraq,802
1086 || WEB-PHP strings overflow || arachnids,430 || bugtraq,1786 || cve,2000-0967
1087 || WEB-MISC whisker tab splice attack || arachnids,415 || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html
1088 || WEB-CGI eXtropia webstore directory traversal || bugtraq,1774 || cve,2000-1005 || nessus,10532
1089 || WEB-CGI shopping cart directory traversal || bugtraq,1777 || cve,2000-0921
1090 || WEB-CGI Allaire Pro Web Shell attempt
1091 || WEB-MISC ICQ Webfront HTTP DOS || bugtraq,1463 || cve,2000-1078
1092 || WEB-CGI Armada Style Master Index directory traversal || bugtraq,1772 || cve,2000-0924 || nessus,10562 || url,www.synnergy.net/downloads/advisories/SLA-2000-16.masterindex.txt
1093 || WEB-CGI cached_feed.cgi moreover shopping cart directory traversal || bugtraq,1762 || cve,2000-0906
1094 || WEB-CGI webstore directory traversal || bugtraq,1774 || cve,2000-1005
1095 || WEB-MISC Talentsoft Web+ Source Code view access || bugtraq,1722 || url,archives.neohapsis.com/archives/ntbugtraq/2000-q3/0168.html
1096 || WEB-MISC Talentsoft Web+ internal IP Address access || bugtraq,1720 || url,archives.neohapsis.com/archives/ntbugtraq/2000-q3/0168.html
1097 || WEB-CGI Talentsoft Web+ exploit attempt || bugtraq,1725
1098 || WEB-MISC SmartWin CyberOffice Shopping Cart access || bugtraq,1734 || cve,2000-0925
1099 || WEB-MISC cybercop scan || arachnids,374
1100 || WEB-MISC L3retriever HTTP Probe || arachnids,310
1101 || WEB-MISC Webtrends HTTP probe || arachnids,309
1102 || WEB-MISC nessus 1.X 404 probe || arachnids,301
1103 || WEB-MISC Netscape admin passwd || bugtraq,1579 || nessus,10468
1104 || WEB-MISC whisker space splice attack || arachnids,296 || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html
1105 || WEB-MISC BigBrother access || bugtraq,1455 || cve,2000-0638 || nessus,10460
1106 || WEB-CGI Poll-it access || bugtraq,1431 || cve,2000-0590 || nessus,10459
1107 || WEB-MISC ftp.pl access || bugtraq,1471 || cve,2000-0674 || nessus,10467
1108 || WEB-MISC Tomcat server snoop access || bugtraq,1532 || cve,2000-0760
1109 || WEB-MISC ROXEN directory list attempt || bugtraq,1510 || cve,2000-0671
1110 || WEB-MISC apache source.asp file access || bugtraq,1457 || cve,2000-0628 || nessus,10480
1111 || WEB-MISC Tomcat server exploit access || bugtraq,1548 || cve,2000-0672 || nessus,10477
1112 || WEB-MISC http directory traversal || arachnids,298
1113 || WEB-MISC http directory traversal || arachnids,297
1114 || WEB-MISC prefix-get //
1115 || WEB-MISC ICQ webserver DOS || cve,1999-0474 || url,www.securiteam.com/exploits/2ZUQ1QAQOG.html
1116 || WEB-MISC Lotus DelDoc attempt
1117 || WEB-MISC Lotus EditDoc attempt || url,www.securiteam.com/exploits/5NP080A1RE.html
1118 || WEB-MISC ls%20-l
1119 || WEB-MISC mlog.phtml access || bugtraq,713 || cve,1999-0068 || cve,1999-0346
1120 || WEB-MISC mylog.phtml access || bugtraq,713 || cve,1999-0068 || cve,1999-0346
1121 || WEB-MISC O'Reilly args.bat access
1122 || WEB-MISC /etc/passwd
1123 || WEB-MISC ?PageServices access || bugtraq,1063 || bugtraq,7621 || cve,1999-0269
1124 || WEB-MISC Ecommerce check.txt a