Sourcefire VRT Rules Update

Date: 2012-10-30

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:24520 <-> DISABLED <-> PROTOCOL-VOIP Avaya IP Office invalid file upload attempt (protocol-voip.rules)
 * 1:24514 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Lucuis variant outbound connection (malware-cnc.rules)
 * 1:24540 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Spy.Heur outbound connection attempt (malware-backdoor.rules)
 * 1:24530 <-> ENABLED <-> MALWARE-BACKDOOR Win.Trojan.Ransomlock runtime detection (malware-backdoor.rules)
 * 1:24539 <-> DISABLED <-> MALWARE-CNC WIN.Trojan.Ransom variant outbound connection attempt (malware-cnc.rules)
 * 1:24498 <-> DISABLED <-> FILE-OTHER Java JNLP parameter argument injection attempt (file-other.rules)
 * 1:24536 <-> DISABLED <-> EXPLOIT HP Intelligent Management Center uam.exe stack buffer overflow attempt (exploit.rules)
 * 1:24543 <-> ENABLED <-> EXPLOIT-KIT Blackhole admin page inbound access attempt (exploit-kit.rules)
 * 1:24521 <-> DISABLED <-> SERVER-WEBAPP OpenStack Compute directory traversal attempt (server-webapp.rules)
 * 1:24512 <-> DISABLED <-> EXPLOIT Citrix Provisioning Services opcode buffer overflow attempt (exploit.rules)
 * 1:24531 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scondatie.A outbound connection (malware-cnc.rules)
 * 1:24529 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Begman variant connection to cnc-server (malware-cnc.rules)
 * 1:24510 <-> ENABLED <-> FILE-OTHER Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-other.rules)
 * 1:24494 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24504 <-> ENABLED <-> MALWARE-CNC Win.Trojan.VB variant outbound connection (malware-cnc.rules)
 * 1:24493 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24491 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo redirection landing page pre-infection (malware-cnc.rules)
 * 1:24534 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banbra variant outbound connection attempt (malware-cnc.rules)
 * 1:24526 <-> ENABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24518 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24505 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BanSpy variant outbound connection (malware-cnc.rules)
 * 1:24537 <-> DISABLED <-> EXPLOIT HP Intelligent Management Center uam.exe stack buffer overflow attempt (exploit.rules)
 * 1:24515 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Lucuis malware file download (malware-other.rules)
 * 1:24528 <-> ENABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24500 <-> ENABLED <-> FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (file-other.rules)
 * 1:24517 <-> DISABLED <-> SERVER-WEBAPP F5 Networks FirePass my.activation.php3 state parameter sql injection attempt (server-webapp.rules)
 * 1:24524 <-> DISABLED <-> SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (server-mail.rules)
 * 1:24499 <-> DISABLED <-> FILE-OTHER Java JNLP parameter argument injection attempt (file-other.rules)
 * 1:24522 <-> DISABLED <-> DOS VxWorks RPC request to MGCP service attempt (dos.rules)
 * 1:24535 <-> ENABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:24523 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.MautoitRAT variant outbound connection (malware-cnc.rules)
 * 1:24533 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker variant outbound connection attempt (malware-cnc.rules)
 * 1:24513 <-> DISABLED <-> EXPLOIT Citrix Provisioning Services opcode buffer overflow attempt (exploit.rules)
 * 1:24511 <-> ENABLED <-> FILE-OTHER Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-other.rules)
 * 1:24525 <-> ENABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24501 <-> ENABLED <-> EXPLOIT-KIT Blackhole v2 fallback executable download (exploit-kit.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24542 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beystreet variant outbound connection attempt (malware-cnc.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24503 <-> DISABLED <-> RPC xdrDecodeString caller_name stack overflow attempt (rpc.rules)
 * 1:24532 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scondatie.A inbound connection (malware-cnc.rules)
 * 1:24506 <-> DISABLED <-> FILE-PDF Adobe Reader null pointer dereference attempt (file-pdf.rules)
 * 1:24492 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24538 <-> DISABLED <-> EXPLOIT HP Intelligent Management Center uam.exe stack buffer overflow attempt (exploit.rules)
 * 1:24516 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Lucuis malware file download (malware-other.rules)
 * 1:24495 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24541 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Unebot outbound connection attempt (malware-cnc.rules)
 * 1:24527 <-> ENABLED <-> BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (browser-plugins.rules)
 * 1:24544 <-> ENABLED <-> EXPLOIT-KIT Blackhole admin page outbound access attempt (exploit-kit.rules)
 * 1:24519 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:24509 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:24502 <-> DISABLED <-> SERVER-WEBAPP TikiWiki tiki-graph_formula.php remote php code execution attempt (server-webapp.rules)
 * 1:24496 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24497 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)

Modified Rules:


 * 1:8537 <-> DISABLED <-> SERVER-MSSQL xp_sqlinventory unicode vulnerable function attempt (server-mssql.rules)
 * 1:8538 <-> DISABLED <-> SERVER-MSSQL xp_updatecolvbm unicode vulnerable function attempt (server-mssql.rules)
 * 1:8539 <-> DISABLED <-> SERVER-MSSQL xp_updatecolvbm unicode vulnerable function attempt (server-mssql.rules)
 * 1:8540 <-> DISABLED <-> SERVER-MSSQL xp_updatecolvbm vulnerable function attempt (server-mssql.rules)
 * 1:8544 <-> DISABLED <-> MALWARE-OTHER Keylogger nicespy runtime detection - smtp (malware-other.rules)
 * 1:8701 <-> DISABLED <-> SERVER-WEBAPP IceCast header buffer overflow attempt (server-webapp.rules)
 * 1:8708 <-> DISABLED <-> SERVER-WEBAPP Wordpress cache_lastpostdate code injection attempt (server-webapp.rules)
 * 1:8709 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT helper components tcp denial of service attempt (os-windows.rules)
 * 1:8710 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT helper components udp denial of service attempt (os-windows.rules)
 * 1:8711 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP redirection buffer overflow attempt (server-webapp.rules)
 * 1:8712 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image arbitrary command execution attempt (server-webapp.rules)
 * 1:8713 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image SQL injection attempt (server-webapp.rules)
 * 1:8714 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image SQL injection attempt (server-webapp.rules)
 * 1:8715 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image SQL injection attempt (server-webapp.rules)
 * 1:8716 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image SQL injection attempt (server-webapp.rules)
 * 1:8717 <-> DISABLED <-> BROWSER-PLUGINS VsaIDE.DTE ActiveX clsid access (browser-plugins.rules)
 * 1:8719 <-> DISABLED <-> BROWSER-PLUGINS VisualStudio.DTE.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8721 <-> DISABLED <-> BROWSER-PLUGINS Outlook Data Object ActiveX clsid access (browser-plugins.rules)
 * 1:8723 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 11.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8725 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows System Monitor ActiveX clsid access (browser-plugins.rules)
 * 1:8727 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer XMLHTTP 4.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8734 <-> DISABLED <-> SERVER-WEBAPP Pajax arbitrary command execution attempt (server-webapp.rules)
 * 1:8735 <-> DISABLED <-> BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8737 <-> DISABLED <-> BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX function call access (browser-plugins.rules)
 * 1:8738 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX clsid access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:8741 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8743 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:8744 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8746 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX function call access (browser-plugins.rules)
 * 1:8747 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8749 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:8750 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8752 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX function call access (browser-plugins.rules)
 * 1:8753 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8755 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX function call access (browser-plugins.rules)
 * 1:8756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX clsid access (browser-plugins.rules)
 * 1:8758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX function call access (browser-plugins.rules)
 * 1:8759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX clsid access (browser-plugins.rules)
 * 1:8761 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX function call access (browser-plugins.rules)
 * 1:8762 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX clsid access (browser-plugins.rules)
 * 1:8764 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX function call access (browser-plugins.rules)
 * 1:8355 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection (malware-other.rules)
 * 1:8253 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP webdav DavrCreateConnection username overflow attempt (os-windows.rules)
 * 1:8157 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP webdav DavrCreateConnection hostname overflow attempt (os-windows.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt (server-webapp.rules)
 * 1:8089 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM cdpView.ovpl Unix command execution attempt (server-webapp.rules)
 * 1:8088 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM connectedNodes.ovpl Unix command execution attempt (server-webapp.rules)
 * 1:8087 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM freeIPaddrs.ovpl port 3443 Unix command execution attempt (server-webapp.rules)
 * 1:8086 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM cdpView.ovpl port 3443 Unix command execution attempt (server-webapp.rules)
 * 1:8085 <-> DISABLED <-> SERVER-WEBAPP HP Openview NNM connectedNodes.ovpl port 3443 Unix command execution attempt (server-webapp.rules)
 * 1:8083 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP Location overflow (os-windows.rules)
 * 1:8082 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP malformed advertisement (os-windows.rules)
 * 1:8526 <-> DISABLED <-> SERVER-MSSQL xp_SetSQLSecurity unicode vulnerable function attempt (server-mssql.rules)
 * 1:8525 <-> DISABLED <-> SERVER-MSSQL xp_proxiedmetadata vulnerable function attempt (server-mssql.rules)
 * 1:8524 <-> DISABLED <-> SERVER-MSSQL xp_proxiedmetadata unicode vulnerable function attempt (server-mssql.rules)
 * 1:8523 <-> DISABLED <-> SERVER-MSSQL xp_proxiedmetadata unicode vulnerable function attempt (server-mssql.rules)
 * 1:8522 <-> DISABLED <-> SERVER-MSSQL xp_printstatements vulnerable function attempt (server-mssql.rules)
 * 1:8521 <-> DISABLED <-> SERVER-MSSQL xp_printstatements unicode vulnerable function attempt (server-mssql.rules)
 * 1:8520 <-> DISABLED <-> SERVER-MSSQL xp_printstatements unicode vulnerable function attempt (server-mssql.rules)
 * 1:8519 <-> DISABLED <-> SERVER-MSSQL xp_peekqueue vulnerable function attempt (server-mssql.rules)
 * 1:8518 <-> DISABLED <-> SERVER-MSSQL xp_peekqueue unicode vulnerable function attempt (server-mssql.rules)
 * 1:8517 <-> DISABLED <-> SERVER-MSSQL xp_peekqueue unicode vulnerable function attempt (server-mssql.rules)
 * 1:8516 <-> DISABLED <-> SERVER-MSSQL xp_oasetproperty vulnerable function attempt (server-mssql.rules)
 * 1:8515 <-> DISABLED <-> SERVER-MSSQL xp_oasetproperty unicode vulnerable function attempt (server-mssql.rules)
 * 1:8514 <-> DISABLED <-> SERVER-MSSQL xp_oasetproperty unicode vulnerable function attempt (server-mssql.rules)
 * 1:8513 <-> DISABLED <-> SERVER-MSSQL xp_oamethod unicode vulnerable function attempt (server-mssql.rules)
 * 1:8512 <-> DISABLED <-> SERVER-MSSQL xp_oamethod vulnerable function attempt (server-mssql.rules)
 * 1:8511 <-> DISABLED <-> SERVER-MSSQL xp_oamethod unicode vulnerable function attempt (server-mssql.rules)
 * 1:8510 <-> DISABLED <-> SERVER-MSSQL xp_oagetproperty vulnerable function attempt (server-mssql.rules)
 * 1:8509 <-> DISABLED <-> SERVER-MSSQL xp_oagetproperty unicode vulnerable function attempt (server-mssql.rules)
 * 1:8508 <-> DISABLED <-> SERVER-MSSQL xp_oagetproperty unicode vulnerable function attempt (server-mssql.rules)
 * 1:8507 <-> DISABLED <-> SERVER-MSSQL xp_oadestroy vulnerable function attempt (server-mssql.rules)
 * 1:8506 <-> DISABLED <-> SERVER-MSSQL xp_oadestroy unicode vulnerable function attempt (server-mssql.rules)
 * 1:8505 <-> DISABLED <-> SERVER-MSSQL xp_oadestroy unicode vulnerable function attempt (server-mssql.rules)
 * 1:8504 <-> DISABLED <-> SERVER-MSSQL xp_enumresultset vulnerable function attempt (server-mssql.rules)
 * 1:8503 <-> DISABLED <-> SERVER-MSSQL xp_enumresultset unicode vulnerable function attempt (server-mssql.rules)
 * 1:8502 <-> DISABLED <-> SERVER-MSSQL xp_enumresultset unicode vulnerable function attempt (server-mssql.rules)
 * 1:8501 <-> DISABLED <-> SERVER-MSSQL xp_displayparamstmt vulnerable function attempt (server-mssql.rules)
 * 1:8500 <-> DISABLED <-> SERVER-MSSQL xp_displayparamstmt unicode vulnerable function attempt (server-mssql.rules)
 * 1:8499 <-> DISABLED <-> SERVER-MSSQL xp_displayparamstmt unicode vulnerable function attempt (server-mssql.rules)
 * 1:8498 <-> DISABLED <-> SERVER-MSSQL sp_oacreate unicode vulnerable function attempt (server-mssql.rules)
 * 1:8497 <-> DISABLED <-> SERVER-MSSQL sp_oacreate vulnerable function attempt (server-mssql.rules)
 * 1:8496 <-> DISABLED <-> SERVER-MSSQL sp_oacreate unicode vulnerable function attempt (server-mssql.rules)
 * 1:8467 <-> DISABLED <-> MALWARE-OTHER Keylogger netobserve runtime detection - remote login response (malware-other.rules)
 * 1:8466 <-> DISABLED <-> MALWARE-OTHER Keylogger netobserve runtime detection - email notification (malware-other.rules)
 * 1:8465 <-> DISABLED <-> MALWARE-OTHER Keylogger netobserve runtime detection - email notification (malware-other.rules)
 * 1:8460 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type unicode attempt (os-windows.rules)
 * 1:8459 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type unicode andx attempt (os-windows.rules)
 * 1:8458 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type attempt (os-windows.rules)
 * 1:8457 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type andx attempt (os-windows.rules)
 * 1:8456 <-> DISABLED <-> OS-WINDOWS SMB-DS Rename invalid buffer type unicode attempt (os-windows.rules)
 * 1:8455 <-> DISABLED <-> OS-WINDOWS SMB-DS Rename invalid buffer type unicode andx attempt (os-windows.rules)
 * 1:8454 <-> DISABLED <-> OS-WINDOWS SMB-DS Rename invalid buffer type attempt (os-windows.rules)
 * 1:8453 <-> DISABLED <-> OS-WINDOWS SMB-DS Rename invalid buffer type andx attempt (os-windows.rules)
 * 1:8452 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type unicode attempt (os-windows.rules)
 * 1:8451 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type unicode andx attempt (os-windows.rules)
 * 1:8450 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type attempt (os-windows.rules)
 * 1:8449 <-> DISABLED <-> OS-WINDOWS SMB Rename invalid buffer type andx attempt (os-windows.rules)
 * 1:8444 <-> DISABLED <-> SERVER-WEBAPP Trend Micro atxconsole format string server response attempt (server-webapp.rules)
 * 1:8441 <-> DISABLED <-> SERVER-WEBAPP McAfee header buffer overflow attempt (server-webapp.rules)
 * 1:8428 <-> DISABLED <-> SERVER-OTHER SSLv2 openssl get shared ciphers overflow attempt (server-other.rules)
 * 1:8426 <-> DISABLED <-> SERVER-OTHER SSLv3 openssl get shared ciphers overflow attempt (server-other.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:8424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX function call access (browser-plugins.rules)
 * 1:8423 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function call access (browser-plugins.rules)
 * 1:8422 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX clsid access (browser-plugins.rules)
 * 1:8421 <-> DISABLED <-> BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (browser-plugins.rules)
 * 1:8420 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX function call access (browser-plugins.rules)
 * 1:8419 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call (browser-plugins.rules)
 * 1:8418 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX function call access (browser-plugins.rules)
 * 1:8417 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX function call access (browser-plugins.rules)
 * 1:8411 <-> DISABLED <-> BROWSER-PLUGINS DocFind Command ActiveX clsid access (browser-plugins.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8407 <-> DISABLED <-> BROWSER-PLUGINS VisualExec Control ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:8403 <-> DISABLED <-> BROWSER-PLUGINS XML Schema Cache 6.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8401 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services DRM Storage ActiveX clsid access (browser-plugins.rules)
 * 1:8399 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.WebCapture ActiveX clsid access (browser-plugins.rules)
 * 1:8397 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office List 11.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8395 <-> DISABLED <-> BROWSER-PLUGINS DX3DTransform.Microsoft.CrShatter ActiveX clsid access (browser-plugins.rules)
 * 1:8393 <-> DISABLED <-> BROWSER-PLUGINS WebDetectFrm ActiveX clsid access (browser-plugins.rules)
 * 1:8391 <-> DISABLED <-> BROWSER-PLUGINS RFXInstMgr Class ActiveX clsid access (browser-plugins.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8379 <-> DISABLED <-> BROWSER-PLUGINS Xml2Dex ActiveX clsid access (browser-plugins.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8375 <-> DISABLED <-> BROWSER-PLUGINS QuickTime Object ActiveX clsid access (browser-plugins.rules)
 * 1:8373 <-> DISABLED <-> BROWSER-PLUGINS VsmIDE.DTE ActiveX clsid access (browser-plugins.rules)
 * 1:8371 <-> DISABLED <-> BROWSER-PLUGINS Outlook.Application ActiveX clsid access (browser-plugins.rules)
 * 1:8369 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8367 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.DbgClr.DTE.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8365 <-> DISABLED <-> BROWSER-PLUGINS DExplore.AppObj.8.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8363 <-> DISABLED <-> BROWSER-PLUGINS Business Object Factory ActiveX clsid access (browser-plugins.rules)
 * 1:8357 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection - send alert out through email (malware-other.rules)
 * 1:8356 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection - send log out through email (malware-other.rules)
 * 1:2704 <-> DISABLED <-> SERVER-WEBAPP Oracle 10g iSQLPlus login.unix connectID overflow attempt (server-webapp.rules)
 * 1:292 <-> DISABLED <-> OS-LINUX x86 Linux samba overflow (os-linux.rules)
 * 1:2702 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus username overflow attempt (server-webapp.rules)
 * 1:2703 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus login.uix username overflow attempt (server-webapp.rules)
 * 1:2672 <-> DISABLED <-> SERVER-WEBAPP sresult.exe access (server-webapp.rules)
 * 1:2701 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus sid overflow attempt (server-webapp.rules)
 * 1:266 <-> DISABLED <-> OS-OTHER EXPLOIT x86 FreeBSD overflow attempt (os-other.rules)
 * 1:267 <-> DISABLED <-> OS-SOLARIS EXPLOIT sparc overflow attempt (os-solaris.rules)
 * 1:2656 <-> DISABLED <-> SERVER-WEBAPP SSLv2 Client_Hello Challenge Length overflow attempt (server-webapp.rules)
 * 1:2657 <-> DISABLED <-> SERVER-WEBAPP SSLv2 Client_Hello with pad Challenge Length overflow attempt (server-webapp.rules)
 * 1:2654 <-> DISABLED <-> SERVER-WEBAPP PHPNuke Forum viewtopic SQL insertion attempt (server-webapp.rules)
 * 1:2655 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin ExecuteFile admin access (server-other.rules)
 * 1:264 <-> DISABLED <-> OS-LINUX OS-LINUX x86 Linux overflow attempt (os-linux.rules)
 * 1:265 <-> DISABLED <-> OS-LINUX OS-LINUX x86 Linux overflow attempt ADMv2 (os-linux.rules)
 * 1:261 <-> DISABLED <-> SERVER-OTHER Bind named overflow attempt (server-other.rules)
 * 1:262 <-> DISABLED <-> OS-LINUX OS-LINUX x86 Linux overflow attempt (os-linux.rules)
 * 1:2598 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT Authorization port 901 overflow attempt (server-webapp.rules)
 * 1:260 <-> DISABLED <-> SERVER-OTHER Bind Buffer Overflow via NXT records named overflow ADMROCKS (server-other.rules)
 * 1:2597 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT Authorization overflow attempt (server-webapp.rules)
 * 1:2588 <-> DISABLED <-> SERVER-WEBAPP TUTOS path disclosure attempt (server-webapp.rules)
 * 1:259 <-> DISABLED <-> SERVER-OTHER Bind Buffer Overflow via NXT records named overflow ADM (server-other.rules)
 * 1:2583 <-> DISABLED <-> SERVER-OTHER CVS Max-dotdot integer overflow attempt (server-other.rules)
 * 1:2585 <-> ENABLED <-> SERVER-WEBAPP nessus 2.x 404 probe (server-webapp.rules)
 * 1:2581 <-> DISABLED <-> SERVER-WEBAPP SAP Crystal Reports crystalimagehandler.aspx access (server-webapp.rules)
 * 1:2582 <-> DISABLED <-> OS-WINDOWS SAP Crystal Reports crystalImageHandler.asp directory traversal attempt (os-windows.rules)
 * 1:258 <-> DISABLED <-> SERVER-OTHER Bind Buffer Overflow via NXT records (server-other.rules)
 * 1:2580 <-> DISABLED <-> SERVER-WEBAPP server negative Content-Length attempt (server-webapp.rules)
 * 1:2570 <-> DISABLED <-> SERVER-WEBAPP Invalid HTTP Version String (server-webapp.rules)
 * 1:2575 <-> DISABLED <-> SERVER-WEBAPP Opt-X header.php remote file include attempt (server-webapp.rules)
 * 1:2566 <-> DISABLED <-> SERVER-WEBAPP PHPBB viewforum.php access (server-webapp.rules)
 * 1:2569 <-> DISABLED <-> SERVER-WEBAPP cPanel resetpass access (server-webapp.rules)
 * 1:2562 <-> DISABLED <-> SERVER-WEBAPP McAfee ePO file upload attempt (server-webapp.rules)
 * 1:2565 <-> DISABLED <-> SERVER-WEBAPP modules.php access (server-webapp.rules)
 * 1:2549 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin file write attempt (server-other.rules)
 * 1:2561 <-> DISABLED <-> SERVER-OTHER rsync backup-dir directory traversal attempt (server-other.rules)
 * 1:2547 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin remote file upload attempt (server-other.rules)
 * 1:2548 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin setinfo access (server-other.rules)
 * 1:2511 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:2515 <-> DISABLED <-> OS-WINDOWS PCT Client_Hello overflow attempt (os-windows.rules)
 * 1:2508 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:2488 <-> DISABLED <-> SERVER-MAIL WinZip MIME content-disposition buffer overflow (server-mail.rules)
 * 1:250 <-> DISABLED <-> MALWARE-OTHER mstream handler to client (malware-other.rules)
 * 1:2485 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:2487 <-> DISABLED <-> SERVER-MAIL WinZip MIME content-type buffer overflow (server-mail.rules)
 * 1:245 <-> DISABLED <-> MALWARE-OTHER mstream handler ping to agent (malware-other.rules)
 * 1:24482 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chif variant outbound connection (malware-cnc.rules)
 * 1:4209 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefStFrObject Class ActiveX object access (browser-plugins.rules)
 * 1:4208 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefStEsObject Class ActiveX object access (browser-plugins.rules)
 * 1:4207 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Audio Decompressor Control Property Page ActiveX object access (browser-plugins.rules)
 * 1:4206 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MPEG-4 Video Decompressor Property Page ActiveX object access (browser-plugins.rules)
 * 1:4205 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Database Designer v7.0 ActiveX object access (browser-plugins.rules)
 * 1:4204 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT PolyLine Control 2 ActiveX object access (browser-plugins.rules)
 * 1:4203 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Marquee Control ActiveX object access (browser-plugins.rules)
 * 1:4202 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectAnimation ActiveX object access (browser-plugins.rules)
 * 1:8069 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Virtual Machine ActiveX clsid access (browser-plugins.rules)
 * 1:8068 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX function call access (browser-plugins.rules)
 * 1:8066 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX clsid access (browser-plugins.rules)
 * 1:8064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet.Typelib ActiveX clsid access (browser-plugins.rules)
 * 1:8063 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ADODB.Stream ActiveX function call access (browser-plugins.rules)
 * 1:8055 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.PathControl ActiveX function call access (browser-plugins.rules)
 * 1:8053 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.PathControl ActiveX clsid access (browser-plugins.rules)
 * 1:8051 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access (browser-plugins.rules)
 * 1:8049 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8047 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WaveIn Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid access (browser-plugins.rules)
 * 1:8043 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid access (browser-plugins.rules)
 * 1:8041 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8039 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer syncui.dll ActiveX clsid access (browser-plugins.rules)
 * 1:8037 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8033 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8031 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mslablti.MarshalableTI.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8029 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MidiOut Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8027 <-> DISABLED <-> BROWSER-PLUGINS Microsoft WBEM Event Subsystem ActiveX clsid access (browser-plugins.rules)
 * 1:8025 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HTML Window Security Proxy ActiveX clsid access (browser-plugins.rules)
 * 1:8023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Italian_Italian Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8021 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ISSimpleCommandCreator.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8019 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Address Bar ActiveX clsid access (browser-plugins.rules)
 * 1:8017 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ICM Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:8015 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer German_German Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8013 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer French_French Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8011 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer English_US Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer English_UK Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dutch_Dutch Stemmer ActiveX clsid access (browser-plugins.rules)
 * 1:8005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DiskManagement.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:8003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Content.mbcontent.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CommunicationManager ActiveX clsid access (browser-plugins.rules)
 * 1:7999 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CDIDeviceActionConfigPage ActiveX clsid access (browser-plugins.rules)
 * 1:7997 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_ApprenticeICW ActiveX clsid access (browser-plugins.rules)
 * 1:7995 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer clbcatq.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7993 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer clbcatex.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7991 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ACM Class Manager ActiveX clsid access (browser-plugins.rules)
 * 1:7989 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WIA FileSystem USD ActiveX clsid access (browser-plugins.rules)
 * 1:7987 <-> DISABLED <-> BROWSER-PLUGINS WebViewFolderIcon.WebViewFolderIcon.2 ActiveX clsid access (browser-plugins.rules)
 * 1:7985 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7983 <-> DISABLED <-> BROWSER-PLUGINS SuperBuddy Class ActiveX clsid access (browser-plugins.rules)
 * 1:7981 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access Snapshot Viewer General Property Page Object ActiveX clsid access (browser-plugins.rules)
 * 1:7980 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash.9 ActiveX function call access (browser-plugins.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7976 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShellFolder for CD Burning ActiveX clsid access (browser-plugins.rules)
 * 1:7974 <-> DISABLED <-> BROWSER-PLUGINS Rendezvous Class ActiveX clsid access (browser-plugins.rules)
 * 1:7970 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PostBootReminder object ActiveX clsid access (browser-plugins.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7956 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX clsid access (browser-plugins.rules)
 * 1:7954 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ComboBox ActiveX clsid access (browser-plugins.rules)
 * 1:7952 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectAnimation Windowed Control ActiveX clsid access (browser-plugins.rules)
 * 1:7950 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectAnimation Control ActiveX clsid access (browser-plugins.rules)
 * 1:7948 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Common Browser Architecture ActiveX clsid access (browser-plugins.rules)
 * 1:7946 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.MaskFilter ActiveX clsid access (browser-plugins.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7940 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX clsid access (browser-plugins.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7936 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Glow ActiveX clsid access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7932 <-> DISABLED <-> BROWSER-PLUGINS FolderItems3 ActiveX clsid access (browser-plugins.rules)
 * 1:7930 <-> DISABLED <-> BROWSER-PLUGINS FolderItem2 ActiveX clsid access (browser-plugins.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7926 <-> DISABLED <-> BROWSER-PLUGINS DXTFilter ActiveX clsid access (browser-plugins.rules)
 * 1:7924 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Shadow ActiveX clsid access (browser-plugins.rules)
 * 1:7922 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX clsid access (browser-plugins.rules)
 * 1:7920 <-> DISABLED <-> BROWSER-PLUGINS DsPropertyPages.OU ActiveX clsid access (browser-plugins.rules)
 * 1:7918 <-> DISABLED <-> BROWSER-PLUGINS CoAxTrackVideo Class ActiveX clsid access (browser-plugins.rules)
 * 1:7916 <-> DISABLED <-> BROWSER-PLUGINS CLSID_IMimeInternational ActiveX clsid access (browser-plugins.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:7912 <-> DISABLED <-> BROWSER-PLUGINS DX3DTransform.Microsoft.Shapes ActiveX clsid access (browser-plugins.rules)
 * 1:7910 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.DropShadow ActiveX clsid access (browser-plugins.rules)
 * 1:7908 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Chroma ActiveX clsid access (browser-plugins.rules)
 * 1:7906 <-> DISABLED <-> BROWSER-PLUGINS CDO.KnowledgeSearchFolder ActiveX clsid access (browser-plugins.rules)
 * 1:7904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7902 <-> DISABLED <-> BROWSER-PLUGINS CDDBControlAOL.CDDBAOLControl ActiveX clsid access (browser-plugins.rules)
 * 1:7900 <-> DISABLED <-> BROWSER-PLUGINS AOL.UPFCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7898 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicSsvrCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7896 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicEditCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7894 <-> DISABLED <-> BROWSER-PLUGINS AOL.PicDownloadCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7892 <-> DISABLED <-> BROWSER-PLUGINS AOL Phobos Class ActiveX clsid access (browser-plugins.rules)
 * 1:7890 <-> DISABLED <-> BROWSER-PLUGINS AOL.MemExpWz ActiveX clsid access (browser-plugins.rules)
 * 1:7888 <-> DISABLED <-> BROWSER-PLUGINS AOLFlash.AOLFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7886 <-> DISABLED <-> BROWSER-PLUGINS AolCalSvr.ACDictionary ActiveX clsid access (browser-plugins.rules)
 * 1:7884 <-> DISABLED <-> BROWSER-PLUGINS AolCalSvr.ACCalendarListCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:7882 <-> DISABLED <-> BROWSER-PLUGINS AccSync.AccSubNotHandler ActiveX clsid access (browser-plugins.rules)
 * 1:7880 <-> DISABLED <-> BROWSER-PLUGINS AxMetaStream.MetaStreamCtlSecondary ActiveX clsid access (browser-plugins.rules)
 * 1:7878 <-> DISABLED <-> BROWSER-PLUGINS AxMetaStream.MetaStreamCtl ActiveX clsid access (browser-plugins.rules)
 * 1:7876 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7874 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PivotTable 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7872 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:7864 <-> DISABLED <-> BROWSER-PLUGINS McSubMgr ActiveX CLSID access (browser-plugins.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:7857 <-> DISABLED <-> MALWARE-OTHER Keylogger EliteKeylogger runtime detection (malware-other.rules)
 * 1:7847 <-> DISABLED <-> MALWARE-OTHER Keylogger clogger 1.0 runtime detection - send log through email (malware-other.rules)
 * 1:7846 <-> DISABLED <-> MALWARE-OTHER Keylogger clogger 1.0 runtime detection (malware-other.rules)
 * 1:7845 <-> DISABLED <-> MALWARE-OTHER Keylogger clogger 1.0 runtime detection (malware-other.rules)
 * 1:7837 <-> DISABLED <-> MALWARE-OTHER Keylogger spyoutside runtime detection - email delivery (malware-other.rules)
 * 1:7597 <-> DISABLED <-> MALWARE-OTHER Keylogger spy lantern keylogger runtime detection (malware-other.rules)
 * 1:7596 <-> DISABLED <-> MALWARE-OTHER Keylogger spy lantern keylogger runtime detection - flowbit set (malware-other.rules)
 * 1:7592 <-> DISABLED <-> MALWARE-OTHER Keylogger keylogger pro runtime detection (malware-other.rules)
 * 1:7591 <-> DISABLED <-> MALWARE-OTHER Keylogger keylogger pro runtime detection - flowbit set (malware-other.rules)
 * 1:7574 <-> DISABLED <-> MALWARE-OTHER Keylogger proagent 2.0 runtime detection (malware-other.rules)
 * 1:7552 <-> DISABLED <-> MALWARE-OTHER Keylogger ardamax keylogger runtime detection - ftp (malware-other.rules)
 * 1:7551 <-> DISABLED <-> MALWARE-OTHER Keylogger ardamax keylogger runtime detection - smtp (malware-other.rules)
 * 1:7549 <-> DISABLED <-> MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection (malware-other.rules)
 * 1:7548 <-> DISABLED <-> MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection - agent up notification (malware-other.rules)
 * 1:7547 <-> DISABLED <-> MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection - agent status monitoring (malware-other.rules)
 * 1:7546 <-> DISABLED <-> MALWARE-OTHER Keylogger PerfectKeylogger runtime detection (malware-other.rules)
 * 1:7545 <-> DISABLED <-> MALWARE-OTHER Keylogger PerfectKeylogger runtime detection - flowbit set 2 (malware-other.rules)
 * 1:7544 <-> DISABLED <-> MALWARE-OTHER Keylogger PerfectKeylogger runtime detection - flowbit set 1 (malware-other.rules)
 * 1:7541 <-> DISABLED <-> MALWARE-OTHER Keylogger starlogger runtime detection (malware-other.rules)
 * 1:7539 <-> DISABLED <-> MALWARE-OTHER Keylogger eye spy pro 1.0 runtime detection (malware-other.rules)
 * 1:7515 <-> DISABLED <-> MALWARE-OTHER Keylogger watchdog runtime detection - remote monitoring (malware-other.rules)
 * 1:7514 <-> DISABLED <-> MALWARE-OTHER Keylogger watchdog runtime detection - send out info to server periodically (malware-other.rules)
 * 1:7513 <-> DISABLED <-> MALWARE-OTHER Keylogger watchdog runtime detection - init connection (malware-other.rules)
 * 1:7512 <-> DISABLED <-> MALWARE-OTHER Keylogger watchdog runtime detection - init connection - flowbit set (malware-other.rules)
 * 1:7505 <-> DISABLED <-> MALWARE-OTHER Keylogger actualspy runtime detection - smtp (malware-other.rules)
 * 1:7504 <-> DISABLED <-> MALWARE-OTHER Keylogger actualspy runtime detection - ftp-data (malware-other.rules)
 * 1:7502 <-> DISABLED <-> BROWSER-PLUGINS tsuserex.ADsTSUserEx.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:7435 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX clsid access (browser-plugins.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:7210 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:7209 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:7186 <-> DISABLED <-> MALWARE-OTHER Keylogger kgb Keylogger runtime detection (malware-other.rules)
 * 1:7185 <-> DISABLED <-> MALWARE-OTHER Keylogger 007 spy software runtime detection - ftp (malware-other.rules)
 * 1:7184 <-> DISABLED <-> MALWARE-OTHER Keylogger 007 spy software runtime detection - smtp (malware-other.rules)
 * 1:7180 <-> DISABLED <-> MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (malware-other.rules)
 * 1:7179 <-> DISABLED <-> MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (malware-other.rules)
 * 1:7178 <-> DISABLED <-> MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (malware-other.rules)
 * 1:7177 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - info send through email (malware-other.rules)
 * 1:7176 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - log retrieve (malware-other.rules)
 * 1:7175 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - log retrieve (malware-other.rules)
 * 1:7169 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange (malware-other.rules)
 * 1:7168 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 4 (malware-other.rules)
 * 1:7167 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 3 (malware-other.rules)
 * 1:7166 <-> DISABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 2 (malware-other.rules)
 * 1:7165 <-> ENABLED <-> MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 1 (malware-other.rules)
 * 1:7164 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - execute file server-to-client (malware-other.rules)
 * 1:7163 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - execute file client-to-server (malware-other.rules)
 * 1:7162 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - download file server-to-client (malware-other.rules)
 * 1:7161 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - download file client-to-server (malware-other.rules)
 * 1:7160 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - upload file server-to-client (malware-other.rules)
 * 1:7159 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - upload file client-to-server (malware-other.rules)
 * 1:7158 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - remote conn server-to-client (malware-other.rules)
 * 1:7157 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - remote conn client-to-server (malware-other.rules)
 * 1:7156 <-> DISABLED <-> MALWARE-OTHER Keylogger win-spy runtime detection - email delivery (malware-other.rules)
 * 1:7154 <-> DISABLED <-> MALWARE-OTHER Keylogger active keylogger home runtime detection (malware-other.rules)
 * 1:7071 <-> DISABLED <-> SERVER-WEBAPP encoded cross site scripting HTML Image tag set to javascript attempt (server-webapp.rules)
 * 1:7042 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7041 <-> ENABLED <-> OS-WINDOWS SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:704 <-> DISABLED <-> SERVER-MSSQL xp_sprintf possible buffer overflow (server-mssql.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7038 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7037 <-> DISABLED <-> OS-WINDOWS SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7036 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7035 <-> ENABLED <-> OS-WINDOWS SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7026 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDS.Dataspace ActiveX function call access (browser-plugins.rules)
 * 1:7018 <-> DISABLED <-> BROWSER-PLUGINS Sysmon ActiveX function call access (browser-plugins.rules)
 * 1:7017 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer RDS.DataControl ActiveX function call access (browser-plugins.rules)
 * 1:7016 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Object.Microsoft.DXTFilter ActiveX function call access (browser-plugins.rules)
 * 1:7015 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer NMSA.MediaDescription ActiveX function call access (browser-plugins.rules)
 * 1:7014 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer NMSA.ASFSourceMediaDescription.1 ActiveX function call access (browser-plugins.rules)
 * 1:7013 <-> DISABLED <-> BROWSER-PLUGINS Microsoft.ISCatAdm ActiveX function call access (browser-plugins.rules)
 * 1:7012 <-> DISABLED <-> BROWSER-PLUGINS Internet.PopupMenu.1 ActiveX function call access (browser-plugins.rules)
 * 1:7011 <-> DISABLED <-> BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (browser-plugins.rules)
 * 1:7010 <-> DISABLED <-> BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (browser-plugins.rules)
 * 1:7009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectAnimation.StructuredGraphicsControl ActiveX function call access (browser-plugins.rules)
 * 1:7008 <-> DISABLED <-> BROWSER-PLUGINS DirectAnimation.DAUserData ActiveX function call access (browser-plugins.rules)
 * 1:7007 <-> DISABLED <-> BROWSER-PLUGINS AxDebugger.Document.1 ActiveX function call access (browser-plugins.rules)
 * 1:7006 <-> DISABLED <-> BROWSER-PLUGINS ASControls.InstallEngineCtl ActiveX function call access (browser-plugins.rules)
 * 1:7005 <-> DISABLED <-> BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX function call access (browser-plugins.rules)
 * 1:7004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Internet.HHCtrl.1 ActiveX function call access (browser-plugins.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:695 <-> DISABLED <-> SERVER-MSSQL xp_sprintf possible buffer overflow (server-mssql.rules)
 * 1:694 <-> DISABLED <-> INDICATOR-SHELLCODE shellcode attempt (indicator-shellcode.rules)
 * 1:693 <-> DISABLED <-> INDICATOR-SHELLCODE shellcode attempt (indicator-shellcode.rules)
 * 1:692 <-> DISABLED <-> INDICATOR-SHELLCODE shellcode attempt (indicator-shellcode.rules)
 * 1:691 <-> DISABLED <-> INDICATOR-SHELLCODE shellcode attempt (indicator-shellcode.rules)
 * 1:6906 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences callback number overflow attempt (os-windows.rules)
 * 1:689 <-> DISABLED <-> SERVER-MSSQL xp_reg* registry access (server-mssql.rules)
 * 1:686 <-> DISABLED <-> SERVER-MSSQL xp_reg* - registry access (server-mssql.rules)
 * 1:6810 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences area/country overflow attempt (os-windows.rules)
 * 1:672 <-> DISABLED <-> SERVER-MAIL vrfy decode (server-mail.rules)
 * 1:6714 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences phonebook mode overflow attempt (os-windows.rules)
 * 1:6700 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products malformed PNG detected tEXt overflow attempt (file-image.rules)
 * 1:6687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (browser-plugins.rules)
 * 1:6686 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX clsid access (browser-plugins.rules)
 * 1:6684 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX clsid access (browser-plugins.rules)
 * 1:6682 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (browser-plugins.rules)
 * 1:6681 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Transform Effects ActiveX clsid access (browser-plugins.rules)
 * 1:6584 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSubmitRequest overflow attempt (os-windows.rules)
 * 1:654 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:6517 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX clsid access (browser-plugins.rules)
 * 1:6516 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX function call access (browser-plugins.rules)
 * 1:6511 <-> DISABLED <-> SERVER-WEBAPP ALT-N WebAdmin user param overflow attempt (server-webapp.rules)
 * 1:6507 <-> DISABLED <-> SERVER-WEBAPP novell edirectory imonitor overflow attempt (server-webapp.rules)
 * 1:6456 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContext heap overflow attempt (os-windows.rules)
 * 1:6455 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContext heap overflow attempt (os-windows.rules)
 * 1:6444 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW heap overflow attempt (os-windows.rules)
 * 1:6443 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW heap overflow attempt (os-windows.rules)
 * 1:6432 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid second uuid size attempt (os-windows.rules)
 * 1:6431 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid second uuid size attempt (os-windows.rules)
 * 1:6420 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid uuid size attempt (os-windows.rules)
 * 1:6419 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid uuid size attempt (os-windows.rules)
 * 1:6414 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Messenger Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:6413 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (server-mail.rules)
 * 1:6412 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book attachment detected (server-mail.rules)
 * 1:6403 <-> DISABLED <-> SERVER-WEBAPP horde help module arbitrary command execution attempt (server-webapp.rules)
 * 1:6386 <-> DISABLED <-> MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent up notification (malware-other.rules)
 * 1:6385 <-> DISABLED <-> MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent status monitoring (malware-other.rules)
 * 1:6384 <-> DISABLED <-> MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent discover broadcast (malware-other.rules)
 * 1:6383 <-> DISABLED <-> MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - tcp connection setup (malware-other.rules)
 * 1:6362 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - MGS-Internal-Web-Manager (blacklist.rules)
 * 1:6357 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Need2Find (blacklist.rules)
 * 1:6354 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ProxyDown (blacklist.rules)
 * 1:6341 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Spedia (blacklist.rules)
 * 1:6340 <-> DISABLED <-> MALWARE-OTHER Keylogger handy keylogger runtime detection (malware-other.rules)
 * 1:632 <-> DISABLED <-> SERVER-MAIL expn cybercop attempt (server-mail.rules)
 * 1:631 <-> DISABLED <-> SERVER-MAIL ehlo cybercop attempt (server-mail.rules)
 * 1:6281 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - istsvc (blacklist.rules)
 * 1:6274 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Stubby (blacklist.rules)
 * 1:6270 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - MyBrowser (blacklist.rules)
 * 1:6221 <-> DISABLED <-> MALWARE-OTHER Keylogger computerspy runtime detection (malware-other.rules)
 * 1:6220 <-> DISABLED <-> MALWARE-OTHER Keylogger boss everyware runtime detection (malware-other.rules)
 * 1:6208 <-> DISABLED <-> MALWARE-OTHER Keylogger winsession runtime detection - ftp (malware-other.rules)
 * 1:6207 <-> DISABLED <-> MALWARE-OTHER Keylogger winsession runtime detection - smtp (malware-other.rules)
 * 1:6198 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SQTR_VERIFY (blacklist.rules)
 * 1:6197 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - smrtshpr-cs (blacklist.rules)
 * 1:6190 <-> DISABLED <-> MALWARE-OTHER Keylogger eblaster 5.0 runtime detection (malware-other.rules)
 * 1:6186 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SpywareStrike (blacklist.rules)
 * 1:6009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDS.Dataspace ActiveX object access (browser-plugins.rules)
 * 1:6008 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DT DDS OrgChart GDD Route ActiveX object access (browser-plugins.rules)
 * 1:6007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS OrgChart GDD Layout ActiveX object access (browser-plugins.rules)
 * 1:6006 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT Icon Control ActiveX object access (browser-plugins.rules)
 * 1:6005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Straight Line Routing Logic 2 ActiveX object access (browser-plugins.rules)
 * 1:6004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Circular Auto Layout Logic 2 ActiveX object access (browser-plugins.rules)
 * 1:6003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Route ActiveX object access (browser-plugins.rules)
 * 1:6002 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Layout ActiveX object access (browser-plugins.rules)
 * 1:5997 <-> DISABLED <-> SERVER-WEBAPP WinProxy overly long host header buffer overflow attempt (server-webapp.rules)
 * 1:5992 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Mirar_KeywordContentHijacker (blacklist.rules)
 * 1:5988 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ZC-Bridge (blacklist.rules)
 * 1:5986 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - TeomaBar (blacklist.rules)
 * 1:5978 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - TM_SEARCH3 (blacklist.rules)
 * 1:5970 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Feat2 Updater (blacklist.rules)
 * 1:5955 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Popup Stopper (blacklist.rules)
 * 1:5954 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Browser Pal (blacklist.rules)
 * 1:5913 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - My Agent (blacklist.rules)
 * 1:5901 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - AdTools (blacklist.rules)
 * 1:5882 <-> ENABLED <-> MALWARE-OTHER Keylogger spyagent runtime detect - alert notification (malware-other.rules)
 * 1:5881 <-> ENABLED <-> MALWARE-OTHER Keylogger spyagent runtime detect - ftp delivery (malware-other.rules)
 * 1:5880 <-> ENABLED <-> MALWARE-OTHER Keylogger spyagent runtime detect - smtp delivery (malware-other.rules)
 * 1:5857 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - MyWebSearchSearchAssistance (blacklist.rules)
 * 1:5838 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - EI (blacklist.rules)
 * 1:5824 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Strip-Player (blacklist.rules)
 * 1:5808 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - SAH Agent (blacklist.rules)
 * 1:5800 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - MyWay (blacklist.rules)
 * 1:5790 <-> DISABLED <-> MALWARE-OTHER Keylogger pc actmon pro runtime detection - smtp (malware-other.rules)
 * 1:5789 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ActMon (blacklist.rules)
 * 1:5784 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwae urls browsed log (malware-other.rules)
 * 1:5783 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwae keystrokes log (malware-other.rules)
 * 1:5782 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwae word filtered echelon log (malware-other.rules)
 * 1:5781 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwae windows activity logs (malware-other.rules)
 * 1:5780 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwpe word filtered echelon log (malware-other.rules)
 * 1:5779 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwpe shell file logs (malware-other.rules)
 * 1:5778 <-> DISABLED <-> MALWARE-OTHER Keylogger runtime detection - hwpe windows activity logs (malware-other.rules)
 * 1:5777 <-> DISABLED <-> MALWARE-OTHER Keylogger gurl watcher runtime detection (malware-other.rules)
 * 1:5774 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - FSW (blacklist.rules)
 * 1:5770 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Casino (blacklist.rules)
 * 1:5760 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - OSSProxy (blacklist.rules)
 * 1:5759 <-> DISABLED <-> MALWARE-OTHER Keylogger fearlesskeyspy runtime detection (malware-other.rules)
 * 1:5742 <-> DISABLED <-> MALWARE-OTHER Keylogger activitylogger runtime detection (malware-other.rules)
 * 1:5739 <-> DISABLED <-> SERVER-MAIL headers too long server response (server-mail.rules)
 * 1:5738 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5737 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans unicode andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5736 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5735 <-> DISABLED <-> OS-WINDOWS SMB Trans andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5734 <-> DISABLED <-> OS-WINDOWS SMB Trans andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5733 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5732 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5731 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans unicode Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5730 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5729 <-> DISABLED <-> OS-WINDOWS SMB Trans Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5728 <-> DISABLED <-> OS-WINDOWS SMB Trans Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5727 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode Max Param OS-WINDOWS attempt (os-windows.rules)
 * 1:5726 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5725 <-> DISABLED <-> OS-WINDOWS SMB Trans andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5724 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans unicode andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5723 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5722 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5721 <-> DISABLED <-> OS-WINDOWS SMB Trans andx Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5720 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5719 <-> DISABLED <-> OS-WINDOWS SMB Trans Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5718 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans unicode Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5717 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5716 <-> DISABLED <-> OS-WINDOWS SMB Trans unicode Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:5709 <-> DISABLED <-> SERVER-WEBAPP file upload directory traversal (server-webapp.rules)
 * 1:5485 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:530 <-> DISABLED <-> OS-WINDOWS NT NULL session (os-windows.rules)
 * 1:514 <-> DISABLED <-> SERVER-OTHER ramen worm (server-other.rules)
 * 1:512 <-> DISABLED <-> PUA-OTHER PCAnywhere Failed Login (pua-other.rules)
 * 1:5096 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt (os-windows.rules)
 * 1:5095 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt (os-windows.rules)
 * 1:509 <-> DISABLED <-> SERVER-WEBAPP PCCS mysql database admin tool access (server-webapp.rules)
 * 1:508 <-> DISABLED <-> SERVER-OTHER gopher proxy (server-other.rules)
 * 1:507 <-> DISABLED <-> PUA-OTHER PCAnywhere Attempted Administrator Login (pua-other.rules)
 * 1:505 <-> DISABLED <-> SERVER-OTHER Insecure TIMBUKTU Password (server-other.rules)
 * 1:4990 <-> DISABLED <-> SERVER-MSSQL heap-based overflow attempt (server-mssql.rules)
 * 1:4989 <-> DISABLED <-> SERVER-MSSQL heap-based overflow attempt (server-mssql.rules)
 * 1:4988 <-> DISABLED <-> SERVER-WEBAPP Barracuda IMG.PL directory traversal attempt (server-webapp.rules)
 * 1:4987 <-> DISABLED <-> SERVER-WEBAPP Twiki viewfile rev command injection attempt (server-webapp.rules)
 * 1:4986 <-> DISABLED <-> SERVER-WEBAPP Twiki view rev command injection attempt (server-webapp.rules)
 * 1:4985 <-> DISABLED <-> SERVER-WEBAPP Twiki rdiff rev command injection attempt (server-webapp.rules)
 * 1:4983 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adodb.Stream ActiveX Object Access CreateObject Function (browser-plugins.rules)
 * 1:4982 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adodb.Stream ActiveX object access (browser-plugins.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:4899 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ISupportErrorInfo Interface ActiveX object access (browser-plugins.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:4755 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (os-windows.rules)
 * 1:4754 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (os-windows.rules)
 * 1:4681 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:4650 <-> DISABLED <-> SERVER-WEBAPP cacti graph_image.php access (server-webapp.rules)
 * 1:4648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer wang image admin activex object access (browser-plugins.rules)
 * 1:4608 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs function 43 overflow attempt (os-windows.rules)
 * 1:4413 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP spoolss AddPrinterEx overflow attempt (os-windows.rules)
 * 1:4358 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:4334 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (os-windows.rules)
 * 1:4246 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW overflow attempt (os-windows.rules)
 * 1:4245 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW overflow attempt (os-windows.rules)
 * 1:4236 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMI ASDI Extension ActiveX object access (browser-plugins.rules)
 * 1:4235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Helper Object for Java ActiveX object access (browser-plugins.rules)
 * 1:4234 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSVTDGridCtrl7 ActiveX object access (browser-plugins.rules)
 * 1:4233 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Query Designer v7.0 ActiveX object access (browser-plugins.rules)
 * 1:4232 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer SysTray Invoker ActiveX object access (browser-plugins.rules)
 * 1:4231 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer SysTray ActiveX object access (browser-plugins.rules)
 * 1:4230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Search Assistant UI ActiveX object access (browser-plugins.rules)
 * 1:4229 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAPP Export Support for Office Access ActiveX object access (browser-plugins.rules)
 * 1:4228 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Start Menu ActiveX object access (browser-plugins.rules)
 * 1:4227 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Network Connections ActiveX object access (browser-plugins.rules)
 * 1:4226 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DocHost User Interface Handler ActiveX object access (browser-plugins.rules)
 * 1:4225 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository ActiveX object access (browser-plugins.rules)
 * 1:4224 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VideoPort ActiveX object access (browser-plugins.rules)
 * 1:4223 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer OpenCable Class ActiveX object access (browser-plugins.rules)
 * 1:4222 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outllib.dll ActiveX object access (browser-plugins.rules)
 * 1:4221 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ProxyStub Dispatch ActiveX object access (browser-plugins.rules)
 * 1:4220 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Network and Dial-Up Connections ActiveX object access (browser-plugins.rules)
 * 1:4219 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Network Connections Tray ActiveX object access (browser-plugins.rules)
 * 1:4218 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Microsoft Windows Visual Basic WebClass ActiveX object access (browser-plugins.rules)
 * 1:4217 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Services on the Web Free/Busy ActiveX object access (browser-plugins.rules)
 * 1:4216 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CComAcctImport ActiveX object access (browser-plugins.rules)
 * 1:4215 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Popup Window ActiveX object access (browser-plugins.rules)
 * 1:4214 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer TipGW Init ActiveX object access (browser-plugins.rules)
 * 1:4213 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Picture Shape Control ActiveX object access (browser-plugins.rules)
 * 1:4212 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Generic Class ActiveX object access (browser-plugins.rules)
 * 1:4211 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DDS Library Shape Control ActiveX object access (browser-plugins.rules)
 * 1:4210 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Msb1geen.dll ActiveX object access (browser-plugins.rules)
 * 1:3001 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP andx asn1 overflow attempt (os-windows.rules)
 * 1:3002 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP unicode andx asn1 overflow attempt (os-windows.rules)
 * 1:3000 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP unicode asn1 overflow attempt (os-windows.rules)
 * 1:2936 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt (os-windows.rules)
 * 1:2926 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV base directory manipulation (server-webapp.rules)
 * 1:4201 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Queued Components Recorder ActiveX object access (browser-plugins.rules)
 * 1:4200 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Index Server Scope Administration ActiveX object access (browser-plugins.rules)
 * 1:4199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (browser-plugins.rules)
 * 1:4198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (browser-plugins.rules)
 * 1:4197 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:4193 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Editing ActiveX object access (browser-plugins.rules)
 * 1:4191 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (browser-plugins.rules)
 * 1:4192 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HHOpen ActiveX object access (browser-plugins.rules)
 * 1:4190 <-> DISABLED <-> BROWSER-PLUGINS Kodak Thumbnail Image ActiveX object access (browser-plugins.rules)
 * 1:4189 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Third-Party Plugin ActiveX object access (browser-plugins.rules)
 * 1:4188 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer RAV Online Scanner ActiveX object access (browser-plugins.rules)
 * 1:4187 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (browser-plugins.rules)
 * 1:4186 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Editing ActiveX object access (browser-plugins.rules)
 * 1:4185 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (browser-plugins.rules)
 * 1:4184 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Certificate Enrollment ActiveX object access (browser-plugins.rules)
 * 1:4183 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows HTML Help ActiveX object access (browser-plugins.rules)
 * 1:4182 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MSN Chat v4.5, 4.6 ActiveX object access (browser-plugins.rules)
 * 1:4181 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Smartcard Enrollment ActiveX object access (browser-plugins.rules)
 * 1:4180 <-> DISABLED <-> BROWSER-PLUGINS Kodak Image Scan Control ActiveX object access (browser-plugins.rules)
 * 1:4179 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DirectX Files Viewer ActiveX object access (browser-plugins.rules)
 * 1:4178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Record Navigation Control ActiveX object access (browser-plugins.rules)
 * 1:4176 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Chart ActiveX object access (browser-plugins.rules)
 * 1:4177 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:4175 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000/2002 Web Components PivotTable ActiveX object access (browser-plugins.rules)
 * 1:4174 <-> DISABLED <-> BROWSER-PLUGINS Symantec RuFSI registry Information Class ActiveX object access (browser-plugins.rules)
 * 1:4173 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (browser-plugins.rules)
 * 1:4171 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Registration Wizard ActiveX object access (browser-plugins.rules)
 * 1:4172 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (browser-plugins.rules)
 * 1:4170 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access (browser-plugins.rules)
 * 1:4169 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Active Setup ActiveX object access (browser-plugins.rules)
 * 1:4168 <-> DISABLED <-> BROWSER-PLUGINS Shell Automation Service ActiveX object access (browser-plugins.rules)
 * 1:4165 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Image Control 1.0 ActiveX object access (browser-plugins.rules)
 * 1:4167 <-> DISABLED <-> BROWSER-PLUGINS MSN Heartbeat ActiveX clsid access (browser-plugins.rules)
 * 1:4164 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:4163 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:4162 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:4160 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Reporting Tool ActiveX object access (browser-plugins.rules)
 * 1:4161 <-> DISABLED <-> BROWSER-PLUGINS DigWebX MSN ActiveX object access (browser-plugins.rules)
 * 1:4159 <-> DISABLED <-> BROWSER-PLUGINS Multimedia File Property Sheet ActiveX object access (browser-plugins.rules)
 * 1:4158 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player Active Movie ActiveX object access (browser-plugins.rules)
 * 1:4157 <-> DISABLED <-> BROWSER-PLUGINS MSN Setup BBS 4.71.0.10 ActiveX object access (browser-plugins.rules)
 * 1:4155 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access (browser-plugins.rules)
 * 1:4156 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player 7+ ActiveX object access (browser-plugins.rules)
 * 1:4154 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Active Setup ActiveX object access (browser-plugins.rules)
 * 1:4153 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Eyedog ActiveX object access (browser-plugins.rules)
 * 1:4152 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player 6.4 ActiveX object access (browser-plugins.rules)
 * 1:4151 <-> DISABLED <-> BROWSER-PLUGINS System Monitor Source Properties ActiveX object access (browser-plugins.rules)
 * 1:4150 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX function call access (browser-plugins.rules)
 * 1:4148 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer  DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:4147 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveLabel ActiveX object access (browser-plugins.rules)
 * 1:4146 <-> DISABLED <-> BROWSER-PLUGINS Share Point Portal Services Log Sink ActiveX object access (browser-plugins.rules)
 * 1:4145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Trouble Shooter ActiveX object access (browser-plugins.rules)
 * 1:4072 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:3967 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList attempt (os-windows.rules)
 * 1:3827 <-> DISABLED <-> SERVER-WEBAPP xmlrpc.php post attempt (server-webapp.rules)
 * 1:3824 <-> DISABLED <-> SERVER-MAIL AUTH user overflow attempt (server-mail.rules)
 * 1:3822 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (server-webapp.rules)
 * 1:3816 <-> DISABLED <-> SERVER-WEBAPP BadBlue ext.dll buffer overflow attempt (server-webapp.rules)
 * 1:3694 <-> DISABLED <-> SERVER-WEBAPP Squid content length cache poisoning attempt (server-webapp.rules)
 * 1:3693 <-> DISABLED <-> SERVER-WEBAPP IBM WebSphere j_security_check overflow attempt (server-webapp.rules)
 * 1:3682 <-> DISABLED <-> SERVER-MAIL spoofed MIME-Type auto-execution attempt (server-mail.rules)
 * 1:3676 <-> DISABLED <-> SERVER-WEBAPP newsscript.pl admin attempt (server-webapp.rules)
 * 1:3675 <-> DISABLED <-> SERVER-OTHER IBM DB2 DTS empty format string dos attempt (server-other.rules)
 * 1:3673 <-> DISABLED <-> OS-WINDOWS Microsoft SMS remote control client DoS overly long length attempt (os-windows.rules)
 * 1:3656 <-> DISABLED <-> SERVER-MAIL MDaemon 6.5.1 and prior versions MAIL overflow attempt (server-mail.rules)
 * 1:3655 <-> DISABLED <-> SERVER-MAIL SEND overflow attempt (server-mail.rules)
 * 1:3654 <-> DISABLED <-> SERVER-MAIL SOML overflow attempt (server-mail.rules)
 * 1:3653 <-> DISABLED <-> SERVER-MAIL SAML overflow attempt (server-mail.rules)
 * 1:3629 <-> DISABLED <-> SERVER-WEBAPP sambar /search/results.stm access (server-webapp.rules)
 * 1:3591 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:3590 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:3547 <-> DISABLED <-> SERVER-WEBAPP TrackerCam overly long php parameter overflow attempt (server-webapp.rules)
 * 1:3548 <-> DISABLED <-> SERVER-WEBAPP TrackerCam negative Content-Length attempt (server-webapp.rules)
 * 1:3546 <-> DISABLED <-> SERVER-WEBAPP TrackerCam User-Agent buffer overflow attempt (server-webapp.rules)
 * 1:3545 <-> DISABLED <-> SERVER-WEBAPP TrackerCam ComGetLogFile.php3 log information disclosure (server-webapp.rules)
 * 1:3544 <-> DISABLED <-> SERVER-WEBAPP TrackerCam ComGetLogFile.php3 directory traversal attempt (server-webapp.rules)
 * 1:3486 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SSLv3 invalid data version attempt (os-windows.rules)
 * 1:3467 <-> DISABLED <-> SERVER-WEBAPP CISCO VoIP Portinformation access (server-webapp.rules)
 * 1:3461 <-> DISABLED <-> SERVER-MAIL Content-Type overflow attempt (server-mail.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:3409 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (os-windows.rules)
 * 1:3398 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:3397 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:3239 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP irot IrotIsRunning/Revoke overflow attempt (os-windows.rules)
 * 1:3238 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP irot IrotIsRunning/Revoke overflow attempt (os-windows.rules)
 * 1:3235 <-> DISABLED <-> OS-WINDOWS Messenger message overflow attempt (os-windows.rules)
 * 1:3234 <-> DISABLED <-> OS-WINDOWS Messenger message little endian overflow attempt (os-windows.rules)
 * 1:246 <-> DISABLED <-> MALWARE-OTHER mstream agent pong to handler (malware-other.rules)
 * 1:248 <-> DISABLED <-> MALWARE-OTHER mstream handler to client (malware-other.rules)
 * 1:3218 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP winreg OpenKey overflow attempt (os-windows.rules)
 * 1:3196 <-> DISABLED <-> OS-WINDOWS name query overflow attempt UDP (os-windows.rules)
 * 1:3195 <-> DISABLED <-> OS-WINDOWS name query overflow attempt TCP (os-windows.rules)
 * 1:3171 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:317 <-> DISABLED <-> OS-LINUX x86 Linux mountd overflow (os-linux.rules)
 * 1:316 <-> DISABLED <-> OS-LINUX x86 Linux mountd overflow (os-linux.rules)
 * 1:3159 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:3158 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:315 <-> DISABLED <-> OS-LINUX x86 Linux mountd overflow (os-linux.rules)
 * 1:3146 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:3145 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 FIND_FIRST2 response overflow attempt (os-windows.rules)
 * 1:3144 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:3143 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 command response overflow attempt (os-windows.rules)
 * 1:247 <-> DISABLED <-> MALWARE-OTHER mstream client to handler (malware-other.rules)
 * 1:314 <-> DISABLED <-> SERVER-OTHER Bind Buffer Overflow named tsig overflow attempt (server-other.rules)
 * 1:3130 <-> DISABLED <-> PUA-OTHER Microsoft MSN Messenger png overflow (pua-other.rules)
 * 1:313 <-> DISABLED <-> OS-LINUX ntalkd x86 Linux overflow (os-linux.rules)
 * 1:3114 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc LlsrConnect overflow attempt (os-windows.rules)
 * 1:3086 <-> DISABLED <-> SERVER-WEBAPP 3Com 3CRADSL72 ADSL 11g Wireless Router app_sta.stm access attempt (server-webapp.rules)
 * 1:3078 <-> DISABLED <-> NNTP Microsoft Windows SEARCH pattern overflow attempt (nntp.rules)
 * 1:303 <-> DISABLED <-> SERVER-OTHER Bind Buffer Overflow named tsig overflow attempt (server-other.rules)
 * 1:2484 <-> DISABLED <-> SERVER-WEBAPP source.jsp access (server-webapp.rules)
 * 1:3016 <-> DISABLED <-> MALWARE-CNC Insane Network 4.0 connection port 63536 (malware-cnc.rules)
 * 1:3014 <-> DISABLED <-> MALWARE-CNC Asylum 0.1 connection (malware-cnc.rules)
 * 1:3015 <-> DISABLED <-> MALWARE-CNC Insane Network 4.0 connection (malware-cnc.rules)
 * 1:3005 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP unicode andx asn1 overflow attempt (os-windows.rules)
 * 1:3004 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP andx asn1 overflow attempt (os-windows.rules)
 * 1:3003 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt (os-windows.rules)
 * 1:9427 <-> DISABLED <-> BROWSER-PLUGINS Acer LunchApp.APlunch ActiveX clsid access (browser-plugins.rules)
 * 1:9620 <-> DISABLED <-> SERVER-WEBAPP pajax call_dispatcher remote exec attempt (server-webapp.rules)
 * 1:9626 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access (browser-plugins.rules)
 * 1:9629 <-> DISABLED <-> BROWSER-PLUGINS Citrix.ICAClient ActiveX clsid access (browser-plugins.rules)
 * 1:9631 <-> DISABLED <-> BROWSER-PLUGINS Citrix.ICAClient ActiveX function call access (browser-plugins.rules)
 * 1:9640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows ADODB.Connection ActiveX function call access (browser-plugins.rules)
 * 1:9647 <-> DISABLED <-> MALWARE-OTHER Keylogger system surveillance pro runtime detection (malware-other.rules)
 * 1:9648 <-> DISABLED <-> MALWARE-OTHER Keylogger emailspypro runtime detection (malware-other.rules)
 * 1:9649 <-> DISABLED <-> MALWARE-OTHER Keylogger ghost Keylogger runtime detection - flowbit set (malware-other.rules)
 * 1:9650 <-> DISABLED <-> MALWARE-OTHER Keylogger ghost Keylogger runtime detection (malware-other.rules)
 * 1:9668 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX clsid access (browser-plugins.rules)
 * 1:9670 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX function call access (browser-plugins.rules)
 * 1:9671 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9673 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX function call access (browser-plugins.rules)
 * 1:976 <-> DISABLED <-> SERVER-WEBAPP .bat? access (server-webapp.rules)
 * 1:9769 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:9791 <-> DISABLED <-> SERVER-WEBAPP .cmd? access (server-webapp.rules)
 * 1:9793 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger YMMAPI.YMailAttach ActiveX clsid access (browser-plugins.rules)
 * 1:9795 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9797 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX function call access (browser-plugins.rules)
 * 1:9798 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9800 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (browser-plugins.rules)
 * 1:9812 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger YMMAPI.YMailAttach ActiveX function call access (browser-plugins.rules)
 * 1:9814 <-> DISABLED <-> BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX clsid access (browser-plugins.rules)
 * 1:9816 <-> DISABLED <-> BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX function call access (browser-plugins.rules)
 * 1:9817 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX clsid access (browser-plugins.rules)
 * 1:9820 <-> ENABLED <-> BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (browser-plugins.rules)
 * 1:9821 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX clsid access (browser-plugins.rules)
 * 1:9824 <-> DISABLED <-> BROWSER-PLUGINS Rediff Bol Downloader ActiveX clsid access (browser-plugins.rules)
 * 1:9826 <-> DISABLED <-> BROWSER-PLUGINS Rediff Bol Downloader ActiveX function call access (browser-plugins.rules)
 * 1:9827 <-> DISABLED <-> MALWARE-OTHER Keylogger paq keylog runtime detection - smtp (malware-other.rules)
 * 1:9828 <-> DISABLED <-> MALWARE-OTHER Keylogger paq keylog runtime detection - ftp (malware-other.rules)
 * 1:9830 <-> DISABLED <-> MALWARE-OTHER Keylogger supreme spy runtime detection (malware-other.rules)
 * 1:9914 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP tapisrv ClientRequest LSetAppPriority overflow attempt (os-windows.rules)
 * 1:8527 <-> DISABLED <-> SERVER-MSSQL xp_SetSQLSecurity unicode vulnerable function attempt (server-mssql.rules)
 * 1:8528 <-> DISABLED <-> SERVER-MSSQL xp_SetSQLSecurity vulnerable function attempt (server-mssql.rules)
 * 1:8529 <-> DISABLED <-> SERVER-MSSQL xp_showcolv unicode vulnerable function attempt (server-mssql.rules)
 * 1:8530 <-> DISABLED <-> SERVER-MSSQL xp_showcolv unicode vulnerable function attempt (server-mssql.rules)
 * 1:8531 <-> DISABLED <-> SERVER-MSSQL xp_showcolv vulnerable function attempt (server-mssql.rules)
 * 1:8532 <-> DISABLED <-> SERVER-MSSQL xp_sqlagent_monitor unicode vulnerable function attempt (server-mssql.rules)
 * 1:8533 <-> DISABLED <-> SERVER-MSSQL xp_sqlagent_monitor vulnerable function attempt (server-mssql.rules)
 * 1:8534 <-> DISABLED <-> SERVER-MSSQL xp_sqlagent_monitor unicode vulnerable function attempt (server-mssql.rules)
 * 1:8535 <-> DISABLED <-> SERVER-MSSQL xp_sqlinventory unicode vulnerable function attempt (server-mssql.rules)
 * 1:8536 <-> DISABLED <-> SERVER-MSSQL xp_sqlinventory vulnerable function attempt (server-mssql.rules)
 * 1:8765 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8767 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX function call access (browser-plugins.rules)
 * 1:8768 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8770 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX function call access (browser-plugins.rules)
 * 1:8771 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8773 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX function call access (browser-plugins.rules)
 * 1:8774 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8776 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX function call access (browser-plugins.rules)
 * 1:8777 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8779 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX function call access (browser-plugins.rules)
 * 1:8780 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX function call access (browser-plugins.rules)
 * 1:8783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8785 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX function call access (browser-plugins.rules)
 * 1:8786 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX function call access (browser-plugins.rules)
 * 1:8789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX function call access (browser-plugins.rules)
 * 1:8792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8794 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX function call access (browser-plugins.rules)
 * 1:8795 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8797 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX function call access (browser-plugins.rules)
 * 1:8798 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX function call access (browser-plugins.rules)
 * 1:8801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8803 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX function call access (browser-plugins.rules)
 * 1:8804 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8806 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX function call access (browser-plugins.rules)
 * 1:8807 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8809 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX function call access (browser-plugins.rules)
 * 1:8810 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8812 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX function call access (browser-plugins.rules)
 * 1:8813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8815 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:8816 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8818 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:8819 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8821 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX function call access (browser-plugins.rules)
 * 1:8822 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8824 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX function call access (browser-plugins.rules)
 * 1:8825 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8827 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX function call access (browser-plugins.rules)
 * 1:8828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8830 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call access (browser-plugins.rules)
 * 1:8831 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8833 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call access (browser-plugins.rules)
 * 1:8834 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8836 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call access (browser-plugins.rules)
 * 1:8837 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8839 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call access (browser-plugins.rules)
 * 1:8840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call access (browser-plugins.rules)
 * 1:8843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access (browser-plugins.rules)
 * 1:8845 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call access (browser-plugins.rules)
 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:8925 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrAddAlternateComputerName overflow attempt (os-windows.rules)
 * 1:9027 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrJoinDomain2 overflow attempt (os-windows.rules)
 * 1:9129 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:9132 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (os-windows.rules)
 * 1:9228 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (os-windows.rules)
 * 1:1001 <-> DISABLED <-> SERVER-WEBAPP carbo.dll access (server-webapp.rules)
 * 1:10013 <-> DISABLED <-> BROWSER-PLUGINS CCRP FolderTreeView ActiveX clsid access (browser-plugins.rules)
 * 1:10015 <-> DISABLED <-> BROWSER-PLUGINS Oracle ORADC ActiveX clsid access (browser-plugins.rules)
 * 1:10017 <-> DISABLED <-> BROWSER-PLUGINS Oracle ORADC ActiveX function call access (browser-plugins.rules)
 * 1:10084 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access (browser-plugins.rules)
 * 1:10086 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX function call access (browser-plugins.rules)
 * 1:10088 <-> DISABLED <-> MALWARE-OTHER Keylogger beyond Keylogger runtime detection - log sent by smtp (malware-other.rules)
 * 1:10089 <-> DISABLED <-> MALWARE-OTHER Keylogger beyond Keylogger runtime detection - log sent by ftp (malware-other.rules)
 * 1:10096 <-> DISABLED <-> MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - keylog (malware-other.rules)
 * 1:10097 <-> DISABLED <-> MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection (malware-other.rules)
 * 1:10098 <-> DISABLED <-> MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - get system info (malware-other.rules)
 * 1:10099 <-> DISABLED <-> MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection (malware-other.rules)
 * 1:10100 <-> DISABLED <-> MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - open website (malware-other.rules)
 * 1:10128 <-> DISABLED <-> BROWSER-PLUGINS Aliplay ActiveX clsid access (browser-plugins.rules)
 * 1:10137 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor ActiveX clsid access (browser-plugins.rules)
 * 1:10139 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor ActiveX function call access (browser-plugins.rules)
 * 1:10140 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 2 ActiveX clsid access (browser-plugins.rules)
 * 1:10142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX clsid access (browser-plugins.rules)
 * 1:10144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX function call access (browser-plugins.rules)
 * 1:10145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX clsid access (browser-plugins.rules)
 * 1:10147 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX function call access (browser-plugins.rules)
 * 1:10148 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX clsid access (browser-plugins.rules)
 * 1:10150 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX function call access (browser-plugins.rules)
 * 1:10151 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX clsid access (browser-plugins.rules)
 * 1:10153 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX function call access (browser-plugins.rules)
 * 1:10154 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy 2 ActiveX clsid access (browser-plugins.rules)
 * 1:10156 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX clsid access (browser-plugins.rules)
 * 1:10162 <-> DISABLED <-> BROWSER-PLUGINS BrowseDialog ActiveX clsid access (browser-plugins.rules)
 * 1:10165 <-> DISABLED <-> MALWARE-OTHER Keylogger mybr Keylogger runtime detection (malware-other.rules)
 * 1:10167 <-> DISABLED <-> MALWARE-OTHER Keylogger radar spy 1.0 runtime detection - send html log (malware-other.rules)
 * 1:10170 <-> DISABLED <-> BROWSER-PLUGINS Verisign ConfigCHK ActiveX clsid access (browser-plugins.rules)
 * 1:10172 <-> DISABLED <-> SERVER-WEBAPP uTorrent announce buffer overflow attempt (server-webapp.rules)
 * 1:10173 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro OfficeScan Client ActiveX clsid access (browser-plugins.rules)
 * 1:10175 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro OfficeScan Client ActiveX function call access (browser-plugins.rules)
 * 1:10176 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX clsid access (browser-plugins.rules)
 * 1:10178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX function call access (browser-plugins.rules)
 * 1:10181 <-> DISABLED <-> MALWARE-OTHER Keylogger systemsleuth runtime detection (malware-other.rules)
 * 1:10183 <-> DISABLED <-> MALWARE-OTHER Keylogger activity Keylogger runtime detection (malware-other.rules)
 * 1:10186 <-> DISABLED <-> SERVER-MAIL ClamAV mime parsing directory traversal (server-mail.rules)
 * 1:10189 <-> DISABLED <-> BROWSER-PLUGINS DivXBrowserPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:10191 <-> DISABLED <-> BROWSER-PLUGINS DivXBrowserPlugin ActiveX function call access (browser-plugins.rules)
 * 1:10192 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX clsid access (browser-plugins.rules)
 * 1:10193 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules)
 * 1:10194 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules)
 * 1:10195 <-> DISABLED <-> SERVER-WEBAPP Content-Length buffer overflow attempt (server-webapp.rules)
 * 1:10214 <-> DISABLED <-> BROWSER-PLUGINS Shockwave ActiveX Control ActiveX clsid access (browser-plugins.rules)
 * 1:10216 <-> DISABLED <-> BROWSER-PLUGINS Shockwave ActiveX Control ActiveX function call access (browser-plugins.rules)
 * 1:10387 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX clsid access (browser-plugins.rules)
 * 1:10389 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX function call access (browser-plugins.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10393 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10395 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10404 <-> DISABLED <-> BROWSER-PLUGINS SignKorea SKCommAX ActiveX clsid access (browser-plugins.rules)
 * 1:10406 <-> DISABLED <-> BROWSER-PLUGINS SignKorea SKCommAX ActiveX function call access (browser-plugins.rules)
 * 1:10412 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader Alt CLSID ActiveX clsid access (browser-plugins.rules)
 * 1:10414 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader Alt CLSID ActiveX function call access (browser-plugins.rules)
 * 1:10415 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX clsid access (browser-plugins.rules)
 * 1:10417 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX function call access (browser-plugins.rules)
 * 1:10419 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX clsid access (browser-plugins.rules)
 * 1:10421 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX function call access (browser-plugins.rules)
 * 1:10423 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX clsid access (browser-plugins.rules)
 * 1:10425 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX function call access (browser-plugins.rules)
 * 1:10427 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX clsid access (browser-plugins.rules)
 * 1:10429 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX function call access (browser-plugins.rules)
 * 1:10431 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX clsid access (browser-plugins.rules)
 * 1:10433 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX function call access (browser-plugins.rules)
 * 1:10436 <-> DISABLED <-> MALWARE-OTHER Keylogger keyspy runtime detection (malware-other.rules)
 * 1:10440 <-> DISABLED <-> MALWARE-OTHER Keylogger pc black box runtime detection (malware-other.rules)
 * 1:10466 <-> DISABLED <-> BROWSER-PLUGINS iPIX Image Well ActiveX clsid access (browser-plugins.rules)
 * 1:10468 <-> DISABLED <-> BROWSER-PLUGINS iPIX Image Well ActiveX function call access (browser-plugins.rules)
 * 1:1047 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise DOS (server-webapp.rules)
 * 1:10470 <-> DISABLED <-> BROWSER-PLUGINS iPIX Media Send Class ActiveX clsid access (browser-plugins.rules)
 * 1:10472 <-> DISABLED <-> BROWSER-PLUGINS iPIX Media Send Class ActiveX function call access (browser-plugins.rules)
 * 1:10475 <-> ENABLED <-> OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (os-windows.rules)
 * 1:10476 <-> DISABLED <-> BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX clsid access (browser-plugins.rules)
 * 1:10478 <-> DISABLED <-> BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX function call access (browser-plugins.rules)
 * 1:1048 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise directory listing attempt (server-webapp.rules)
 * 1:1050 <-> DISABLED <-> SERVER-WEBAPP iPlanet GETPROPERTIES attempt (server-webapp.rules)
 * 1:1054 <-> DISABLED <-> SERVER-WEBAPP weblogic/tomcat .jsp view source attempt (server-webapp.rules)
 * 1:10603 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (os-windows.rules)
 * 1:1062 <-> DISABLED <-> SERVER-WEBAPP nc.exe attempt (server-webapp.rules)
 * 1:1064 <-> DISABLED <-> SERVER-WEBAPP wsh attempt (server-webapp.rules)
 * 1:1065 <-> DISABLED <-> SERVER-WEBAPP rcmd attempt (server-webapp.rules)
 * 1:1066 <-> DISABLED <-> SERVER-WEBAPP telnet attempt (server-webapp.rules)
 * 1:1067 <-> DISABLED <-> SERVER-WEBAPP net attempt (server-webapp.rules)
 * 1:1068 <-> DISABLED <-> SERVER-WEBAPP tftp attempt (server-webapp.rules)
 * 1:1070 <-> DISABLED <-> SERVER-WEBAPP WebDAV search access (server-webapp.rules)
 * 1:1071 <-> DISABLED <-> SERVER-WEBAPP .htpasswd access (server-webapp.rules)
 * 1:1072 <-> DISABLED <-> SERVER-WEBAPP Lotus Domino directory traversal (server-webapp.rules)
 * 1:1073 <-> DISABLED <-> SERVER-WEBAPP webhits.exe access (server-webapp.rules)
 * 1:1080 <-> DISABLED <-> SERVER-WEBAPP unify eWave ServletExec upload (server-webapp.rules)
 * 1:1081 <-> DISABLED <-> SERVER-WEBAPP Netscape Servers suite DOS (server-webapp.rules)
 * 1:1082 <-> DISABLED <-> SERVER-WEBAPP amazon 1-click cookie theft (server-webapp.rules)
 * 1:1083 <-> DISABLED <-> SERVER-WEBAPP unify eWave ServletExec DOS (server-webapp.rules)
 * 1:1084 <-> DISABLED <-> SERVER-WEBAPP Allaire JRUN DOS attempt (server-webapp.rules)
 * 1:1085 <-> DISABLED <-> SERVER-WEBAPP strings overflow (server-webapp.rules)
 * 1:1086 <-> DISABLED <-> SERVER-WEBAPP strings overflow (server-webapp.rules)
 * 1:10900 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvEnumRecords overflow attempt (os-windows.rules)
 * 1:1091 <-> DISABLED <-> SERVER-WEBAPP ICQ Webfront HTTP DOS (server-webapp.rules)
 * 1:1095 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ Source Code view access (server-webapp.rules)
 * 1:1096 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ internal IP Address access (server-webapp.rules)
 * 1:10978 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX clsid access (browser-plugins.rules)
 * 1:1098 <-> DISABLED <-> SERVER-WEBAPP SmartWin CyberOffice Shopping Cart access (server-webapp.rules)
 * 1:10980 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX function call access (browser-plugins.rules)
 * 1:10982 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX clsid access (browser-plugins.rules)
 * 1:10984 <-> DISABLED <-> BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX function call access (browser-plugins.rules)
 * 1:10986 <-> DISABLED <-> BROWSER-PLUGINS GraceNote CDDB ActiveX clsid access (browser-plugins.rules)
 * 1:10988 <-> DISABLED <-> BROWSER-PLUGINS GraceNote CDDB ActiveX function call access (browser-plugins.rules)
 * 1:1099 <-> DISABLED <-> SERVER-WEBAPP cybercop scan (server-webapp.rules)
 * 1:10990 <-> DISABLED <-> SERVER-WEBAPP encoded cross site scripting HTML Image tag attempt (server-webapp.rules)
 * 1:10991 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX clsid access (browser-plugins.rules)
 * 1:10993 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX function call access (browser-plugins.rules)
 * 1:10997 <-> DISABLED <-> SERVER-WEBAPP SSLv2 OpenSSl KEY_ARG buffer overflow attempt (server-webapp.rules)
 * 1:1100 <-> DISABLED <-> SERVER-WEBAPP L3retriever HTTP Probe (server-webapp.rules)
 * 1:1101 <-> DISABLED <-> SERVER-WEBAPP Webtrends HTTP probe (server-webapp.rules)
 * 1:1102 <-> DISABLED <-> SERVER-WEBAPP nessus 1.X 404 probe (server-webapp.rules)
 * 1:1103 <-> DISABLED <-> SERVER-WEBAPP Netscape admin passwd (server-webapp.rules)
 * 1:1105 <-> DISABLED <-> SERVER-WEBAPP BigBrother access (server-webapp.rules)
 * 1:1107 <-> DISABLED <-> SERVER-WEBAPP ftp.pl access (server-webapp.rules)
 * 1:11073 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt (os-windows.rules)
 * 1:11074 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss _RemoteGetClassObject attempt (os-windows.rules)
 * 1:1109 <-> DISABLED <-> SERVER-WEBAPP ROXEN directory list attempt (server-webapp.rules)
 * 1:1110 <-> DISABLED <-> SERVER-WEBAPP apache source.asp file access (server-webapp.rules)
 * 1:1115 <-> DISABLED <-> SERVER-WEBAPP ICQ webserver DOS (server-webapp.rules)
 * 1:1116 <-> DISABLED <-> SERVER-WEBAPP Lotus DelDoc attempt (server-webapp.rules)
 * 1:1117 <-> DISABLED <-> SERVER-WEBAPP Lotus EditDoc attempt (server-webapp.rules)
 * 1:11176 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX function call access (browser-plugins.rules)
 * 1:1118 <-> DISABLED <-> SERVER-WEBAPP ls%20-l (server-webapp.rules)
 * 1:11181 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11183 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11187 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11189 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX function call access (browser-plugins.rules)
 * 1:1119 <-> DISABLED <-> SERVER-WEBAPP mlog.phtml access (server-webapp.rules)
 * 1:11193 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (server-webapp.rules)
 * 1:11194 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (server-webapp.rules)
 * 1:11197 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX function call access (browser-plugins.rules)
 * 1:11199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:1120 <-> DISABLED <-> SERVER-WEBAPP mylog.phtml access (server-webapp.rules)
 * 1:11201 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11206 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX clsid access (browser-plugins.rules)
 * 1:11208 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX function call access (browser-plugins.rules)
 * 1:11210 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX clsid access (browser-plugins.rules)
 * 1:11212 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX function call access (browser-plugins.rules)
 * 1:11214 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:11216 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX function call access (browser-plugins.rules)
 * 1:11218 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX clsid access (browser-plugins.rules)
 * 1:1122 <-> DISABLED <-> SERVER-WEBAPP /etc/passwd (server-webapp.rules)
 * 1:11220 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX function call access (browser-plugins.rules)
 * 1:11223 <-> DISABLED <-> SERVER-WEBAPP google proxystylesheet arbitrary command execution attempt (server-webapp.rules)
 * 1:11224 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX clsid access (browser-plugins.rules)
 * 1:11226 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX function call access (browser-plugins.rules)
 * 1:11228 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX clsid access (browser-plugins.rules)
 * 1:1123 <-> DISABLED <-> SERVER-WEBAPP ?PageServices access (server-webapp.rules)
 * 1:11230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 1 ActiveX clsid access (browser-plugins.rules)
 * 1:11232 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 1 ActiveX function call access (browser-plugins.rules)
 * 1:11234 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Cryptographic API COM 2 ActiveX clsid access (browser-plugins.rules)
 * 1:11236 <-> DISABLED <-> BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX clsid access (browser-plugins.rules)
 * 1:11239 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX clsid access (browser-plugins.rules)
 * 1:1124 <-> DISABLED <-> SERVER-WEBAPP Ecommerce check.txt access (server-webapp.rules)
 * 1:11241 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX function call access (browser-plugins.rules)
 * 1:11243 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX clsid access (browser-plugins.rules)
 * 1:11245 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX function call access (browser-plugins.rules)
 * 1:11247 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Research In Motion TeamOn Import ActiveX clsid access (browser-plugins.rules)
 * 1:1125 <-> DISABLED <-> SERVER-WEBAPP webcart access (server-webapp.rules)
 * 1:11250 <-> DISABLED <-> BROWSER-PLUGINS Sony Rootkit Uninstaller ActiveX clsid access (browser-plugins.rules)
 * 1:11252 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Address ActiveX clsid access (browser-plugins.rules)
 * 1:11253 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MciWndx ActiveX clsid access (browser-plugins.rules)
 * 1:11255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MciWndx ActiveX function call access (browser-plugins.rules)
 * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules)
 * 1:1126 <-> DISABLED <-> SERVER-WEBAPP AuthChangeUrl access (server-webapp.rules)
 * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules)
 * 1:11264 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server 2000 Server hello buffer overflow attempt (server-mssql.rules)
 * 1:11268 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:1127 <-> DISABLED <-> SERVER-WEBAPP convert.bas access (server-webapp.rules)
 * 1:11270 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX function call access (browser-plugins.rules)
 * 1:11274 <-> DISABLED <-> BROWSER-PLUGINS RControl ActiveX clsid access (browser-plugins.rules)
 * 1:11276 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX clsid access (browser-plugins.rules)
 * 1:11278 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX function call access (browser-plugins.rules)
 * 1:1128 <-> DISABLED <-> SERVER-WEBAPP cpshost.dll access (server-webapp.rules)
 * 1:11280 <-> DISABLED <-> BROWSER-PLUGINS FlexLabel ActiveX clsid access (browser-plugins.rules)
 * 1:11282 <-> DISABLED <-> BROWSER-PLUGINS FlexLabel ActiveX function call access (browser-plugins.rules)
 * 1:11284 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX clsid access (browser-plugins.rules)
 * 1:11286 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX function call access (browser-plugins.rules)
 * 1:1129 <-> DISABLED <-> SERVER-WEBAPP .htaccess access (server-webapp.rules)
 * 1:11291 <-> DISABLED <-> BROWSER-PLUGINS Hewlett Packard HPQVWOCX.DL ActiveX clsid access (browser-plugins.rules)
 * 1:11293 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX clsid access (browser-plugins.rules)
 * 1:11295 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX function call access (browser-plugins.rules)
 * 1:11297 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX clsid access (browser-plugins.rules)
 * 1:11299 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX function call access (browser-plugins.rules)
 * 1:1130 <-> DISABLED <-> SERVER-WEBAPP .wwwacl access (server-webapp.rules)
 * 1:11301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX clsid access (browser-plugins.rules)
 * 1:11303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX function call access (browser-plugins.rules)
 * 1:11307 <-> DISABLED <-> MALWARE-OTHER Keylogger computer monitor Keylogger runtime detection (malware-other.rules)
 * 1:11309 <-> DISABLED <-> MALWARE-OTHER Keylogger sskc v2.0 runtime detection (malware-other.rules)
 * 1:1131 <-> DISABLED <-> SERVER-WEBAPP .wwwacl access (server-webapp.rules)
 * 1:11311 <-> DISABLED <-> MALWARE-OTHER Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (malware-other.rules)
 * 1:1132 <-> DISABLED <-> SERVER-WEBAPP Netscape Unixware overflow (server-webapp.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:1134 <-> DISABLED <-> SERVER-WEBAPP Phorum admin access (server-webapp.rules)
 * 1:1136 <-> DISABLED <-> SERVER-WEBAPP cd.. (server-webapp.rules)
 * 1:1137 <-> DISABLED <-> SERVER-WEBAPP Phorum authentication access (server-webapp.rules)
 * 1:1139 <-> DISABLED <-> SERVER-WEBAPP whisker HEAD/./ (server-webapp.rules)
 * 1:1140 <-> DISABLED <-> SERVER-WEBAPP guestbook.pl access (server-webapp.rules)
 * 1:1141 <-> DISABLED <-> SERVER-WEBAPP handler access (server-webapp.rules)
 * 1:1142 <-> DISABLED <-> SERVER-WEBAPP /.... access (server-webapp.rules)
 * 1:1145 <-> DISABLED <-> SERVER-WEBAPP /~root access (server-webapp.rules)
 * 1:1146 <-> DISABLED <-> SERVER-WEBAPP Ecommerce import.txt access (server-webapp.rules)
 * 1:1147 <-> DISABLED <-> SERVER-WEBAPP cat%20 access (server-webapp.rules)
 * 1:1148 <-> DISABLED <-> SERVER-WEBAPP Ecommerce import.txt access (server-webapp.rules)
 * 1:1150 <-> DISABLED <-> SERVER-WEBAPP Domino catalog.nsf access (server-webapp.rules)
 * 1:1151 <-> DISABLED <-> SERVER-WEBAPP Domino domcfg.nsf access (server-webapp.rules)
 * 1:1152 <-> DISABLED <-> SERVER-WEBAPP Domino domlog.nsf access (server-webapp.rules)
 * 1:1153 <-> DISABLED <-> SERVER-WEBAPP Domino log.nsf access (server-webapp.rules)
 * 1:1154 <-> DISABLED <-> SERVER-WEBAPP Domino names.nsf access (server-webapp.rules)
 * 1:1155 <-> DISABLED <-> SERVER-WEBAPP Ecommerce checks.txt access (server-webapp.rules)
 * 1:1156 <-> DISABLED <-> SERVER-WEBAPP apache directory disclosure attempt (server-webapp.rules)
 * 1:1157 <-> DISABLED <-> SERVER-WEBAPP Netscape PublishingXpert access (server-webapp.rules)
 * 1:1158 <-> DISABLED <-> SERVER-WEBAPP windmail.exe access (server-webapp.rules)
 * 1:1159 <-> DISABLED <-> SERVER-WEBAPP webplus access (server-webapp.rules)
 * 1:1160 <-> DISABLED <-> SERVER-WEBAPP Netscape dir index wp (server-webapp.rules)
 * 1:1161 <-> DISABLED <-> SERVER-WEBAPP piranha passwd.php3 access (server-webapp.rules)
 * 1:11616 <-> DISABLED <-> SERVER-WEBAPP Symantec Sygate Policy Manager SQL injection (server-webapp.rules)
 * 1:1162 <-> DISABLED <-> SERVER-WEBAPP cart 32 AdminPwd access (server-webapp.rules)
 * 1:11620 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Chroma ActiveX function call access (browser-plugins.rules)
 * 1:11622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office 2000 OUACTR ActiveX clsid access (browser-plugins.rules)
 * 1:11624 <-> DISABLED <-> BROWSER-PLUGINS LeadTools ISIS ActiveX clsid access (browser-plugins.rules)
 * 1:11626 <-> DISABLED <-> BROWSER-PLUGINS LeadTools ISIS ActiveX function call access (browser-plugins.rules)
 * 1:11628 <-> DISABLED <-> BROWSER-PLUGINS LeadTools JPEG 2000 COM Object ActiveX function call access (browser-plugins.rules)
 * 1:11630 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX clsid access (browser-plugins.rules)
 * 1:11632 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX function call access (browser-plugins.rules)
 * 1:11634 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX clsid access (browser-plugins.rules)
 * 1:11636 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX function call access (browser-plugins.rules)
 * 1:11638 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:1164 <-> DISABLED <-> SERVER-WEBAPP shopping cart access (server-webapp.rules)
 * 1:11640 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX function call access (browser-plugins.rules)
 * 1:11642 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX clsid access (browser-plugins.rules)
 * 1:11644 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX function call access (browser-plugins.rules)
 * 1:11646 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:11648 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX function call access (browser-plugins.rules)
 * 1:1165 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise gwweb.exe access (server-webapp.rules)
 * 1:11650 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:11652 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX function call access (browser-plugins.rules)
 * 1:11654 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX clsid access (browser-plugins.rules)
 * 1:11656 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX function call access (browser-plugins.rules)
 * 1:11658 <-> DISABLED <-> BROWSER-PLUGINS Dart ZipLite Compression ActiveX clsid access (browser-plugins.rules)
 * 1:1166 <-> DISABLED <-> SERVER-WEBAPP ws_ftp.ini access (server-webapp.rules)
 * 1:11660 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11662 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11664 <-> DISABLED <-> SERVER-WEBAPP sphpblog password.txt access attempt (server-webapp.rules)
 * 1:11665 <-> DISABLED <-> SERVER-WEBAPP sphpblog install03_cgi access attempt (server-webapp.rules)
 * 1:11666 <-> DISABLED <-> SERVER-WEBAPP sphpblog upload_img_cgi access attempt (server-webapp.rules)
 * 1:11667 <-> DISABLED <-> SERVER-WEBAPP sphpblog arbitrary file delete attempt (server-webapp.rules)
 * 1:11668 <-> DISABLED <-> SERVER-WEBAPP vbulletin php code injection (server-webapp.rules)
 * 1:1167 <-> DISABLED <-> SERVER-WEBAPP rpm_query access (server-webapp.rules)
 * 1:11673 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker ActiveX clsid access (browser-plugins.rules)
 * 1:11675 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker ActiveX function call access (browser-plugins.rules)
 * 1:11677 <-> DISABLED <-> BROWSER-PLUGINS Provideo Camimage Class ISSCamControl ActiveX clsid access (browser-plugins.rules)
 * 1:1168 <-> DISABLED <-> SERVER-WEBAPP mall log order access (server-webapp.rules)
 * 1:11680 <-> DISABLED <-> SERVER-WEBAPP Oracle Java web proxy sockd buffer overflow attempt (server-webapp.rules)
 * 1:11685 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (server-webapp.rules)
 * 1:1173 <-> DISABLED <-> SERVER-WEBAPP architext_query.pl access (server-webapp.rules)
 * 1:1175 <-> DISABLED <-> SERVER-WEBAPP wwwboard.pl access (server-webapp.rules)
 * 1:1177 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1178 <-> DISABLED <-> SERVER-WEBAPP Phorum read access (server-webapp.rules)
 * 1:1179 <-> DISABLED <-> SERVER-WEBAPP Phorum violation access (server-webapp.rules)
 * 1:1180 <-> DISABLED <-> SERVER-WEBAPP get32.exe access (server-webapp.rules)
 * 1:1181 <-> DISABLED <-> SERVER-WEBAPP Annex Terminal DOS attempt (server-webapp.rules)
 * 1:11818 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Viewer Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:11820 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Viewer Wrapper ActiveX function call access (browser-plugins.rules)
 * 1:11822 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid access (browser-plugins.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11826 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX clsid access (browser-plugins.rules)
 * 1:11828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (browser-plugins.rules)
 * 1:1183 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:11830 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX clsid access (browser-plugins.rules)
 * 1:11832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (browser-plugins.rules)
 * 1:11839 <-> DISABLED <-> BROWSER-PLUGINS TEC-IT TBarCode ActiveX clsid access (browser-plugins.rules)
 * 1:1184 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:11841 <-> DISABLED <-> BROWSER-PLUGINS TEC-IT TBarCode ActiveX function call access (browser-plugins.rules)
 * 1:11843 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP spoolss AddPrinter overflow attempt (os-windows.rules)
 * 1:1186 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1187 <-> DISABLED <-> SERVER-WEBAPP SalesLogix Eviewer web command attempt (server-webapp.rules)
 * 1:1188 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1189 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1190 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1191 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1192 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan access (server-webapp.rules)
 * 1:1193 <-> DISABLED <-> SERVER-WEBAPP oracle web arbitrary command execution attempt (server-webapp.rules)
 * 1:11940 <-> DISABLED <-> BROWSER-PLUGINS Westbyte Internet Download Accelerator ActiveX function call access (browser-plugins.rules)
 * 1:11942 <-> DISABLED <-> BROWSER-PLUGINS Westbyte internet download accelerator ActiveX clsid access (browser-plugins.rules)
 * 1:11943 <-> DISABLED <-> BROWSER-PLUGINS HP ModemUtil ActiveX clsid access (browser-plugins.rules)
 * 1:1197 <-> DISABLED <-> SERVER-WEBAPP Phorum code access (server-webapp.rules)
 * 1:1198 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1199 <-> DISABLED <-> SERVER-WEBAPP Compaq Insight directory traversal (server-webapp.rules)
 * 1:12010 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX clsid access (browser-plugins.rules)
 * 1:12012 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX function call access (browser-plugins.rules)
 * 1:12015 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (browser-plugins.rules)
 * 1:12017 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (browser-plugins.rules)
 * 1:12019 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (browser-plugins.rules)
 * 1:1202 <-> DISABLED <-> SERVER-WEBAPP search.vts access (server-webapp.rules)
 * 1:12021 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (browser-plugins.rules)
 * 1:12029 <-> DISABLED <-> BROWSER-PLUGINS HP Digital Imaging hpqxml.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12048 <-> DISABLED <-> MALWARE-OTHER Keylogger computer Keylogger runtime detection (malware-other.rules)
 * 1:12049 <-> DISABLED <-> MALWARE-OTHER Keylogger apophis spy 1.0 runtime detection (malware-other.rules)
 * 1:12059 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (server-webapp.rules)
 * 1:12060 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (server-webapp.rules)
 * 1:12062 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support ActiveX clsid access (browser-plugins.rules)
 * 1:1207 <-> DISABLED <-> SERVER-WEBAPP htgrep access (server-webapp.rules)
 * 1:12083 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX clsid access (browser-plugins.rules)
 * 1:12085 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX function call access (browser-plugins.rules)
 * 1:12087 <-> DISABLED <-> BROWSER-PLUGINS McAfee NeoTrace ActiveX clsid access (browser-plugins.rules)
 * 1:12089 <-> DISABLED <-> BROWSER-PLUGINS McAfee NeoTrace ActiveX function call access (browser-plugins.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12091 <-> DISABLED <-> BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX clsid access (browser-plugins.rules)
 * 1:12093 <-> DISABLED <-> BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX function call access (browser-plugins.rules)
 * 1:12116 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX clsid access (browser-plugins.rules)
 * 1:12118 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX function call access (browser-plugins.rules)
 * 1:1212 <-> DISABLED <-> SERVER-WEBAPP Admin_files access (server-webapp.rules)
 * 1:12128 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - init connection (malware-other.rules)
 * 1:12129 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (malware-other.rules)
 * 1:1213 <-> DISABLED <-> SERVER-WEBAPP backup access (server-webapp.rules)
 * 1:12130 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (malware-other.rules)
 * 1:12131 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (malware-other.rules)
 * 1:12132 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (malware-other.rules)
 * 1:12133 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (malware-other.rules)
 * 1:12134 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (malware-other.rules)
 * 1:12135 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (malware-other.rules)
 * 1:12136 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (malware-other.rules)
 * 1:12137 <-> DISABLED <-> MALWARE-OTHER Keylogger Keylogger king home 2.3 runtime detection (malware-other.rules)
 * 1:1214 <-> DISABLED <-> SERVER-WEBAPP intranet access (server-webapp.rules)
 * 1:12141 <-> DISABLED <-> MALWARE-OTHER Keylogger logit v1.0 runtime detection (malware-other.rules)
 * 1:1216 <-> DISABLED <-> SERVER-WEBAPP filemail access (server-webapp.rules)
 * 1:12168 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:1217 <-> DISABLED <-> SERVER-WEBAPP plusmail access (server-webapp.rules)
 * 1:1218 <-> DISABLED <-> SERVER-WEBAPP adminlogin access (server-webapp.rules)
 * 1:12189 <-> DISABLED <-> BROWSER-PLUGINS Clever Internet Suite ActiveX clsid access (browser-plugins.rules)
 * 1:12191 <-> DISABLED <-> BROWSER-PLUGINS Clever Internet Suite ActiveX function call access (browser-plugins.rules)
 * 1:12193 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX clsid access (browser-plugins.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:1220 <-> DISABLED <-> SERVER-WEBAPP ultraboard access (server-webapp.rules)
 * 1:12200 <-> DISABLED <-> BROWSER-PLUGINS VMWare IntraProcessLogging ActiveX clsid access (browser-plugins.rules)
 * 1:12203 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12207 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX function call access (browser-plugins.rules)
 * 1:1221 <-> DISABLED <-> SERVER-WEBAPP Muscat Empower cgi access (server-webapp.rules)
 * 1:12221 <-> DISABLED <-> SERVER-WEBAPP file upload GLOBAL variable overwrite attempt (server-webapp.rules)
 * 1:12226 <-> DISABLED <-> MALWARE-OTHER Keylogger overspy runtime detection (malware-other.rules)
 * 1:1224 <-> DISABLED <-> SERVER-WEBAPP ROADS search.pl attempt (server-webapp.rules)
 * 1:12246 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX clsid access (browser-plugins.rules)
 * 1:12248 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX function call access (browser-plugins.rules)
 * 1:12250 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX clsid access (browser-plugins.rules)
 * 1:12252 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX function call access (browser-plugins.rules)
 * 1:12257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectX Media SDK ActiveX clsid access (browser-plugins.rules)
 * 1:12259 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectX Media SDK ActiveX function call access (browser-plugins.rules)
 * 1:12261 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (browser-plugins.rules)
 * 1:12263 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (browser-plugins.rules)
 * 1:12265 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (browser-plugins.rules)
 * 1:12267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (browser-plugins.rules)
 * 1:12269 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12273 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12275 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (browser-plugins.rules)
 * 1:1230 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSave access (server-webapp.rules)
 * 1:12301 <-> DISABLED <-> BROWSER-PLUGINS eCentrex VOIP Client Module ActiveX clsid access (browser-plugins.rules)
 * 1:1231 <-> DISABLED <-> SERVER-WEBAPP VirusWall catinfo access (server-webapp.rules)
 * 1:1232 <-> DISABLED <-> SERVER-WEBAPP VirusWall catinfo access (server-webapp.rules)
 * 1:1234 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSaveCSP access (server-webapp.rules)
 * 1:1235 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSaveCVP access (server-webapp.rules)
 * 1:12360 <-> DISABLED <-> SERVER-WEBAPP PHP function CRLF injection attempt (server-webapp.rules)
 * 1:12362 <-> DISABLED <-> SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow (server-webapp.rules)
 * 1:12372 <-> DISABLED <-> MALWARE-OTHER Keylogger mg-shadow 2.0 runtime detection (malware-other.rules)
 * 1:12379 <-> DISABLED <-> MALWARE-OTHER Keylogger PaqKeylogger 5.1 runtime detection - ftp (malware-other.rules)
 * 1:12380 <-> DISABLED <-> BROWSER-PLUGINS Oracle JInitiator ActiveX clsid access (browser-plugins.rules)
 * 1:12382 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12384 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger YVerInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12386 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger YVerInfo ActiveX function call access (browser-plugins.rules)
 * 1:12388 <-> DISABLED <-> BROWSER-PLUGINS PPStream PowerPlayer ActiveX clsid access (browser-plugins.rules)
 * 1:1239 <-> ENABLED <-> OS-WINDOWS RFParalyze Attempt (os-windows.rules)
 * 1:12393 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12395 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12397 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12399 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 4 ActiveX clsid access (browser-plugins.rules)
 * 1:12401 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12403 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 6 ActiveX clsid access (browser-plugins.rules)
 * 1:12405 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 7 ActiveX clsid access (browser-plugins.rules)
 * 1:12407 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 8 ActiveX clsid access (browser-plugins.rules)
 * 1:12409 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 9 ActiveX clsid access (browser-plugins.rules)
 * 1:1241 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet directory traversal attempt (server-webapp.rules)
 * 1:12411 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 10 ActiveX clsid access (browser-plugins.rules)
 * 1:12413 <-> DISABLED <-> BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX clsid access (browser-plugins.rules)
 * 1:12415 <-> DISABLED <-> BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX function call access (browser-plugins.rules)
 * 1:12417 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX clsid access (browser-plugins.rules)
 * 1:12419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX function call access (browser-plugins.rules)
 * 1:12428 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink glitemflat.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12430 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer Component ActiveX clsid access (browser-plugins.rules)
 * 1:12432 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer Component ActiveX function call access (browser-plugins.rules)
 * 1:12434 <-> DISABLED <-> BROWSER-PLUGINS BaoFeng Storm MPS.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12438 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12440 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX function call access (browser-plugins.rules)
 * 1:12442 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX clsid access (browser-plugins.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12459 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:12461 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio 6 VBTOVSI.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12464 <-> DISABLED <-> NNTP cancel overflow attempt (nntp.rules)
 * 1:12466 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies QRCode ActiveX clsid access (browser-plugins.rules)
 * 1:12468 <-> DISABLED <-> BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12470 <-> DISABLED <-> BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX function call access (browser-plugins.rules)
 * 1:12472 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX clsid access (browser-plugins.rules)
 * 1:12474 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX function call access (browser-plugins.rules)
 * 1:12476 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX clsid access (browser-plugins.rules)
 * 1:12478 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX function call access (browser-plugins.rules)
 * 1:12480 <-> ENABLED <-> MALWARE-OTHER Keylogger inside website logger 2.4 runtime detection (malware-other.rules)
 * 1:1250 <-> DISABLED <-> SERVER-WEBAPP Cisco IOS HTTP configuration attempt (server-webapp.rules)
 * 1:1254 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1255 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1258 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Manager DOS (server-webapp.rules)
 * 1:1259 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet access (server-webapp.rules)
 * 1:12592 <-> DISABLED <-> SERVER-MAIL Recipient arbitrary command injection attempt (server-mail.rules)
 * 1:12598 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Web Thunder ActiveX clsid access (browser-plugins.rules)
 * 1:12600 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX clsid access (browser-plugins.rules)
 * 1:12602 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX function call access (browser-plugins.rules)
 * 1:12604 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX clsid access (browser-plugins.rules)
 * 1:12606 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX function call access (browser-plugins.rules)
 * 1:12610 <-> DISABLED <-> SERVER-WEBAPP phpBB viewtopic double URL encoding attempt (server-webapp.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX function call access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access (browser-plugins.rules)
 * 1:12625 <-> DISABLED <-> MALWARE-OTHER Keylogger windows family safety 2.0 runtime detection (malware-other.rules)
 * 1:12635 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials attempt (os-windows.rules)
 * 1:12637 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12639 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX function call access (browser-plugins.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12644 <-> DISABLED <-> BROWSER-PLUGINS PBEmail7 ActiveX clsid access (browser-plugins.rules)
 * 1:12646 <-> DISABLED <-> BROWSER-PLUGINS PBEmail7 ActiveX function call access (browser-plugins.rules)
 * 1:12648 <-> DISABLED <-> BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX clsid access (browser-plugins.rules)
 * 1:12650 <-> DISABLED <-> BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX function call access (browser-plugins.rules)
 * 1:12666 <-> DISABLED <-> SERVER-OTHER HP OpenView OVTrace buffer overflow attempt (server-other.rules)
 * 1:12689 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink ConnectAndEnterRoom ActiveX clsid access (browser-plugins.rules)
 * 1:12698 <-> DISABLED <-> MALWARE-OTHER Keylogger net vizo 5.2 runtime detection (malware-other.rules)
 * 1:12711 <-> DISABLED <-> SERVER-APACHE Apache Tomcat WebDAV system tag remote file disclosure attempt (server-apache.rules)
 * 1:12714 <-> DISABLED <-> BROWSER-PLUGINS WebEx GPCContainer ActiveX clsid access (browser-plugins.rules)
 * 1:12716 <-> DISABLED <-> BROWSER-PLUGINS WebEx GPCContainer ActiveX function call access (browser-plugins.rules)
 * 1:12729 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12733 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:12735 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:12737 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12739 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12747 <-> DISABLED <-> BROWSER-PLUGINS BitDefender Online Scanner ActiveX clsid access (browser-plugins.rules)
 * 1:12749 <-> DISABLED <-> BROWSER-PLUGINS BitDefender Online Scanner ActiveX function call access (browser-plugins.rules)
 * 1:12751 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX clsid access (browser-plugins.rules)
 * 1:12753 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX function call access (browser-plugins.rules)
 * 1:12755 <-> DISABLED <-> BROWSER-PLUGINS PPStream PowerList ActiveX clsid access (browser-plugins.rules)
 * 1:12758 <-> DISABLED <-> MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (malware-other.rules)
 * 1:12759 <-> DISABLED <-> MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (malware-other.rules)
 * 1:12760 <-> DISABLED <-> MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (malware-other.rules)
 * 1:12761 <-> DISABLED <-> MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (malware-other.rules)
 * 1:12762 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX clsid access (browser-plugins.rules)
 * 1:12764 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX function call access (browser-plugins.rules)
 * 1:12766 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12767 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12770 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (browser-plugins.rules)
 * 1:12771 <-> DISABLED <-> BROWSER-PLUGINS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12772 <-> DISABLED <-> BROWSER-PLUGINS obfuscated PPStream PowerPlayer ActiveX exploit attempt (browser-plugins.rules)
 * 1:12773 <-> DISABLED <-> BROWSER-PLUGINS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (browser-plugins.rules)
 * 1:12774 <-> DISABLED <-> BROWSER-PLUGINS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:12792 <-> DISABLED <-> MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (malware-other.rules)
 * 1:12793 <-> DISABLED <-> MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (malware-other.rules)
 * 1:12803 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX clsid access (browser-plugins.rules)
 * 1:12805 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX function call access (browser-plugins.rules)
 * 1:1291 <-> DISABLED <-> SERVER-WEBAPP sml3com access (server-webapp.rules)
 * 1:12946 <-> DISABLED <-> OS-WINDOWS SMB-DS SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12947 <-> DISABLED <-> OS-WINDOWS SMB SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12948 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1295 <-> DISABLED <-> INDICATOR-COMPROMISE nimda RICHED20.DLL (indicator-compromise.rules)
 * 1:12950 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12952 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12954 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXLTPI.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12961 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12963 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12965 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12967 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 4 ActiveX clsid access (browser-plugins.rules)
 * 1:12969 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12977 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMCreateObjectInternal overflow attempt (os-windows.rules)
 * 1:12978 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMCreateObjectInternal overflow attempt (os-windows.rules)
 * 1:1300 <-> DISABLED <-> SERVER-WEBAPP admin.php file upload attempt (server-webapp.rules)
 * 1:1301 <-> DISABLED <-> SERVER-WEBAPP admin.php access (server-webapp.rules)
 * 1:1302 <-> DISABLED <-> SERVER-WEBAPP console.exe access (server-webapp.rules)
 * 1:1303 <-> DISABLED <-> SERVER-WEBAPP cs.exe access (server-webapp.rules)
 * 1:13161 <-> ENABLED <-> SERVER-OTHER HP OpenView CGI parameter buffer overflow attempt (server-other.rules)
 * 1:13210 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMObjectPathToObjectFormat overflow attempt (os-windows.rules)
 * 1:13211 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMObjectPathToObjectFormat overflow attempt (os-windows.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13219 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13224 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX clsid access (browser-plugins.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13228 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:13230 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13232 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX clsid access (browser-plugins.rules)
 * 1:13234 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX function call access (browser-plugins.rules)
 * 1:13236 <-> DISABLED <-> MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (malware-other.rules)
 * 1:13237 <-> DISABLED <-> MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (malware-other.rules)
 * 1:1324 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow /bin/sh (indicator-shellcode.rules)
 * 1:13243 <-> DISABLED <-> MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (malware-other.rules)
 * 1:13244 <-> DISABLED <-> MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (malware-other.rules)
 * 1:1325 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow filler (indicator-shellcode.rules)
 * 1:13258 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX clsid access (browser-plugins.rules)
 * 1:1326 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow NOOP (indicator-shellcode.rules)
 * 1:13260 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX function call access (browser-plugins.rules)
 * 1:13262 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13264 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX function call access (browser-plugins.rules)
 * 1:13266 <-> DISABLED <-> BROWSER-PLUGINS SkyFex Client ActiveX clsid access (browser-plugins.rules)
 * 1:1327 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow (indicator-shellcode.rules)
 * 1:13273 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX clsid access (browser-plugins.rules)
 * 1:13275 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX function call access (browser-plugins.rules)
 * 1:13278 <-> DISABLED <-> MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (malware-other.rules)
 * 1:13279 <-> DISABLED <-> MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (malware-other.rules)
 * 1:13280 <-> DISABLED <-> MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (malware-other.rules)
 * 1:13281 <-> DISABLED <-> MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (malware-other.rules)
 * 1:13289 <-> DISABLED <-> BROWSER-PLUGINS Gatway CWebLaunchCtl ActiveX clsid access (browser-plugins.rules)
 * 1:13294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13312 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX clsid access (browser-plugins.rules)
 * 1:13314 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX function call access (browser-plugins.rules)
 * 1:13321 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX clsid access (browser-plugins.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13325 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX clsid access (browser-plugins.rules)
 * 1:13327 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX function call access (browser-plugins.rules)
 * 1:13329 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX clsid access (browser-plugins.rules)
 * 1:13331 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX function call access (browser-plugins.rules)
 * 1:13333 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX clsid access (browser-plugins.rules)
 * 1:13335 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX clsid access (browser-plugins.rules)
 * 1:13337 <-> DISABLED <-> BROWSER-PLUGINS Comodo AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:13348 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX clsid access (browser-plugins.rules)
 * 1:13350 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX function call access (browser-plugins.rules)
 * 1:13352 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX function call access (browser-plugins.rules)
 * 1:13354 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX function call access (browser-plugins.rules)
 * 1:13419 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:13421 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13423 <-> DISABLED <-> BROWSER-PLUGINS SwiftView ActiveX clsid access (browser-plugins.rules)
 * 1:13426 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13428 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13446 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink HanGamePlugin ActiveX clsid access (browser-plugins.rules)
 * 1:13451 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access (browser-plugins.rules)
 * 1:13457 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:13459 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX function call access (browser-plugins.rules)
 * 1:13472 <-> DISABLED <-> FILE-OFFICE Microsoft Works invalid chunk size (file-office.rules)
 * 1:13479 <-> DISABLED <-> MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (malware-other.rules)
 * 1:13480 <-> DISABLED <-> MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (malware-other.rules)
 * 1:13494 <-> DISABLED <-> MALWARE-OTHER Keylogger smart pc Keylogger runtime detection (malware-other.rules)
 * 1:13523 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:13527 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX clsid access (browser-plugins.rules)
 * 1:13529 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX function call access (browser-plugins.rules)
 * 1:13531 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13533 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13535 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX clsid access (browser-plugins.rules)
 * 1:13537 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX function call access (browser-plugins.rules)
 * 1:13539 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX clsid access (browser-plugins.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13543 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX clsid access (browser-plugins.rules)
 * 1:13545 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX function call access (browser-plugins.rules)
 * 1:13547 <-> DISABLED <-> BROWSER-PLUGINS Sony ImageStation ActiveX clsid access (browser-plugins.rules)
 * 1:13549 <-> DISABLED <-> BROWSER-PLUGINS Sony ImageStation ActiveX function call access (browser-plugins.rules)
 * 1:13567 <-> DISABLED <-> MALWARE-OTHER Keylogger msn spy monitor runtime detection (malware-other.rules)
 * 1:13568 <-> DISABLED <-> MALWARE-OTHER Keylogger sys keylog 1.3 advanced runtime detection (malware-other.rules)
 * 1:13580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (browser-plugins.rules)
 * 1:13595 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13597 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX function call access (browser-plugins.rules)
 * 1:13599 <-> DISABLED <-> BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX clsid access (browser-plugins.rules)
 * 1:13601 <-> DISABLED <-> BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX function call access (browser-plugins.rules)
 * 1:13603 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13617 <-> DISABLED <-> SERVER-ORACLE Oracle database version 8 username buffer overflow attempt (server-oracle.rules)
 * 1:13618 <-> DISABLED <-> SERVER-ORACLE Oracle database version 9 username buffer overflow attempt (server-oracle.rules)
 * 1:13621 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13642 <-> DISABLED <-> MALWARE-OTHER Keylogger easy Keylogger runtime detection (malware-other.rules)
 * 1:13651 <-> DISABLED <-> MALWARE-OTHER Keylogger family cyber alert runtime detection - smtp traffic for recorded activities (malware-other.rules)
 * 1:13656 <-> ENABLED <-> SERVER-WEBAPP Cisco Secure Access Control Server UCP Application CSuserCGI.exe buffer overflow attempt (server-webapp.rules)
 * 1:13657 <-> DISABLED <-> BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX clsid access (browser-plugins.rules)
 * 1:13659 <-> DISABLED <-> BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX function call access (browser-plugins.rules)
 * 1:13661 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Upload ActiveX clsid access (browser-plugins.rules)
 * 1:13668 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13672 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13674 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13679 <-> DISABLED <-> BROWSER-PLUGINS IBiz EBanking Integrator ActiveX clsid access (browser-plugins.rules)
 * 1:13681 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX clsid access (browser-plugins.rules)
 * 1:13683 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX function call access (browser-plugins.rules)
 * 1:13685 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 1 ActiveX clsid access (browser-plugins.rules)
 * 1:13687 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 1 ActiveX function call access (browser-plugins.rules)
 * 1:13689 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13691 <-> DISABLED <-> BROWSER-PLUGINS Chilkat HTTP 2 ActiveX function call access (browser-plugins.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13715 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager HTTP handling buffer overflow attempt (server-webapp.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13734 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 10 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:1374 <-> DISABLED <-> SERVER-WEBAPP .htgroup access (server-webapp.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:1375 <-> DISABLED <-> SERVER-WEBAPP sadmind worm access (server-webapp.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX clsid access (browser-plugins.rules)
 * 1:1376 <-> DISABLED <-> SERVER-WEBAPP jrun directory browse attempt (server-webapp.rules)
 * 1:13760 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX function call access (browser-plugins.rules)
 * 1:13767 <-> DISABLED <-> MALWARE-OTHER Keylogger cyber sitter runtime detection (malware-other.rules)
 * 1:13768 <-> DISABLED <-> MALWARE-OTHER Keylogger cyber sitter runtime detection (malware-other.rules)
 * 1:13778 <-> DISABLED <-> MALWARE-OTHER Keylogger kgb employee monitor runtime detection (malware-other.rules)
 * 1:13783 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Assistant ActiveX clsid access (browser-plugins.rules)
 * 1:13785 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX clsid access (browser-plugins.rules)
 * 1:13787 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX function call access (browser-plugins.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:1381 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan attempt (server-webapp.rules)
 * 1:13812 <-> DISABLED <-> MALWARE-OTHER Keylogger refog Keylogger runtime detection (malware-other.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:13827 <-> DISABLED <-> OS-WINDOWS Microsoft Windows PGM denial of service attempt (os-windows.rules)
 * 1:13828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13830 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll alternate killbit ActiveX clsid access (browser-plugins.rules)
 * 1:13832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer backweb ActiveX clsid access (browser-plugins.rules)
 * 1:13839 <-> ENABLED <-> SERVER-OTHER CA ARCServ NetBackup remote file upload attempt (server-other.rules)
 * 1:13844 <-> DISABLED <-> SERVER-MAIL BDAT size longer than contents exploit attempt (server-mail.rules)
 * 1:13845 <-> DISABLED <-> SERVER-MAIL BDAT size public exploit attempt (server-mail.rules)
 * 1:1385 <-> DISABLED <-> SERVER-WEBAPP mod-plsql administration access (server-webapp.rules)
 * 1:13857 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX clsid access (browser-plugins.rules)
 * 1:13859 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX function call access (browser-plugins.rules)
 * 1:1386 <-> DISABLED <-> SERVER-MSSQL raiserror possible buffer overflow (server-mssql.rules)
 * 1:13883 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX clsid access (browser-plugins.rules)
 * 1:13885 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX function call access (browser-plugins.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13894 <-> DISABLED <-> SERVER-MAIL Micrsoft Office Outlook Web Access From field cross-site scripting attempt  (server-mail.rules)
 * 1:13895 <-> ENABLED <-> SERVER-MAIL Micrsoft Office Outlook Web Access invalid CSS escape sequence script execution attempt  (server-mail.rules)
 * 1:13896 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL server MTF file download (server-mssql.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:13905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer 1 ActiveX function call access (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13913 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX function call access (browser-plugins.rules)
 * 1:13929 <-> ENABLED <-> SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (server-webapp.rules)
 * 1:13950 <-> ENABLED <-> FILE-OTHER Oracle Java Web Start JNLP attribute buffer overflow attempt (file-other.rules)
 * 1:13951 <-> ENABLED <-> SERVER-WEBAPP Oracle Database Server buffer overflow attempt (server-webapp.rules)
 * 1:13965 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX clsid access (browser-plugins.rules)
 * 1:13967 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX function call access (browser-plugins.rules)
 * 1:1399 <-> DISABLED <-> SERVER-WEBAPP PHP-Nuke remote file include attempt (server-webapp.rules)
 * 1:14013 <-> DISABLED <-> BROWSER-PLUGINS WebEx Meeting Manager atucfobj ActiveX clsid access (browser-plugins.rules)
 * 1:14015 <-> DISABLED <-> BROWSER-PLUGINS WebEx Meeting Manager atucfobj ActiveX function call access (browser-plugins.rules)
 * 1:14021 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14025 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14033 <-> DISABLED <-> BROWSER-PLUGINS Orbit Downloader ActiveX clsid access (browser-plugins.rules)
 * 1:14035 <-> DISABLED <-> BROWSER-PLUGINS Orbit Downloader ActiveX function call access (browser-plugins.rules)
 * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX operation or printer-url parameter overflow attempt (browser-plugins.rules)
 * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX target-frame parameter overflow attempt (browser-plugins.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14065 <-> DISABLED <-> MALWARE-OTHER Keylogger emptybase j runtime detection (malware-other.rules)
 * 1:1407 <-> DISABLED <-> SERVER-WEBAPP smssend.php access (server-webapp.rules)
 * 1:14074 <-> DISABLED <-> MALWARE-OTHER Keylogger spybosspro 4.2 runtime detection (malware-other.rules)
 * 1:14075 <-> DISABLED <-> MALWARE-OTHER Keylogger ultimate Keylogger pro runtime detection (malware-other.rules)
 * 1:14088 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14090 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14092 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14094 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14096 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14098 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:14100 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:14102 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:14104 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14106 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14108 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14110 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14112 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14114 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14116 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14118 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14120 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14122 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14124 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14126 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14128 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14130 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14132 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14134 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14136 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14138 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:14140 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 27 ActiveX clsid access (browser-plugins.rules)
 * 1:14142 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 28 ActiveX clsid access (browser-plugins.rules)
 * 1:14144 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 29 ActiveX clsid access (browser-plugins.rules)
 * 1:14146 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 30 ActiveX clsid access (browser-plugins.rules)
 * 1:14148 <-> ENABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 31 ActiveX clsid access (browser-plugins.rules)
 * 1:14150 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 32 ActiveX clsid access (browser-plugins.rules)
 * 1:14152 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 33 ActiveX clsid access (browser-plugins.rules)
 * 1:14154 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 34 ActiveX clsid access (browser-plugins.rules)
 * 1:14156 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 35 ActiveX clsid access (browser-plugins.rules)
 * 1:14158 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 36 ActiveX clsid access (browser-plugins.rules)
 * 1:14160 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 37 ActiveX clsid access (browser-plugins.rules)
 * 1:14162 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 38 ActiveX clsid access (browser-plugins.rules)
 * 1:14164 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 39 ActiveX clsid access (browser-plugins.rules)
 * 1:14166 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 40 ActiveX clsid access (browser-plugins.rules)
 * 1:14168 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 41 ActiveX clsid access (browser-plugins.rules)
 * 1:14170 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 42 ActiveX clsid access (browser-plugins.rules)
 * 1:14172 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 43 ActiveX clsid access (browser-plugins.rules)
 * 1:14174 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 44 ActiveX clsid access (browser-plugins.rules)
 * 1:14176 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 45 ActiveX clsid access (browser-plugins.rules)
 * 1:14178 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 46 ActiveX clsid access (browser-plugins.rules)
 * 1:14180 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 47 ActiveX clsid access (browser-plugins.rules)
 * 1:14182 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 48 ActiveX clsid access (browser-plugins.rules)
 * 1:14184 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 49 ActiveX clsid access (browser-plugins.rules)
 * 1:14186 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 50 ActiveX clsid access (browser-plugins.rules)
 * 1:14188 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 51 ActiveX clsid access (browser-plugins.rules)
 * 1:14190 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 52 ActiveX clsid access (browser-plugins.rules)
 * 1:14192 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 53 ActiveX clsid access (browser-plugins.rules)
 * 1:14194 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 54 ActiveX clsid access (browser-plugins.rules)
 * 1:14196 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 55 ActiveX clsid access (browser-plugins.rules)
 * 1:14198 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 56 ActiveX clsid access (browser-plugins.rules)
 * 1:14200 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 57 ActiveX clsid access (browser-plugins.rules)
 * 1:14202 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 58 ActiveX clsid access (browser-plugins.rules)
 * 1:14204 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 59 ActiveX clsid access (browser-plugins.rules)
 * 1:14206 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 60 ActiveX clsid access (browser-plugins.rules)
 * 1:14208 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 61 ActiveX clsid access (browser-plugins.rules)
 * 1:14210 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 62 ActiveX clsid access (browser-plugins.rules)
 * 1:14212 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 63 ActiveX clsid access (browser-plugins.rules)
 * 1:14214 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 64 ActiveX clsid access (browser-plugins.rules)
 * 1:14216 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 65 ActiveX clsid access (browser-plugins.rules)
 * 1:14218 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 66 ActiveX clsid access (browser-plugins.rules)
 * 1:14220 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 67 ActiveX clsid access (browser-plugins.rules)
 * 1:14222 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 68 ActiveX clsid access (browser-plugins.rules)
 * 1:14224 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 69 ActiveX clsid access (browser-plugins.rules)
 * 1:14226 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 70 ActiveX clsid access (browser-plugins.rules)
 * 1:14228 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 71 ActiveX clsid access (browser-plugins.rules)
 * 1:1423 <-> DISABLED <-> SERVER-WEBAPP content-disposition memchr overflow (server-webapp.rules)
 * 1:14231 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX clsid access (browser-plugins.rules)
 * 1:14233 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX function call access (browser-plugins.rules)
 * 1:14235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services ActiveX clsid access (browser-plugins.rules)
 * 1:14237 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services ActiveX function call access (browser-plugins.rules)
 * 1:14239 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX clsid access (browser-plugins.rules)
 * 1:14241 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX function call access (browser-plugins.rules)
 * 1:14243 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX clsid access (browser-plugins.rules)
 * 1:14245 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX function call access (browser-plugins.rules)
 * 1:14247 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX clsid access (browser-plugins.rules)
 * 1:14249 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX function call access (browser-plugins.rules)
 * 1:1425 <-> DISABLED <-> SERVER-WEBAPP content-disposition file upload attempt (server-webapp.rules)
 * 1:14255 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14257 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:14266 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX function call access (browser-plugins.rules)
 * 1:14270 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX clsid access (browser-plugins.rules)
 * 1:14272 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX function call access (browser-plugins.rules)
 * 1:14274 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX clsid access (browser-plugins.rules)
 * 1:14276 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX function call access (browser-plugins.rules)
 * 1:14278 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX clsid access (browser-plugins.rules)
 * 1:14280 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX function call access (browser-plugins.rules)
 * 1:14282 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14284 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX function call access (browser-plugins.rules)
 * 1:14286 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX clsid access (browser-plugins.rules)
 * 1:14288 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX function call access (browser-plugins.rules)
 * 1:14290 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (browser-plugins.rules)
 * 1:14292 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (browser-plugins.rules)
 * 1:14294 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14296 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14298 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:14300 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14302 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14304 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14306 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX clsid access (browser-plugins.rules)
 * 1:14308 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX function call access (browser-plugins.rules)
 * 1:14310 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX clsid access (browser-plugins.rules)
 * 1:14312 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX function call access (browser-plugins.rules)
 * 1:14314 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14316 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14318 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX function call access (browser-plugins.rules)
 * 1:14320 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14322 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX clsid access (browser-plugins.rules)
 * 1:14324 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX function call access (browser-plugins.rules)
 * 1:14326 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (browser-plugins.rules)
 * 1:14328 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (browser-plugins.rules)
 * 1:1433 <-> DISABLED <-> SERVER-WEBAPP .history access (server-webapp.rules)
 * 1:14330 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX clsid access (browser-plugins.rules)
 * 1:14332 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX function call access (browser-plugins.rules)
 * 1:14334 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX clsid access (browser-plugins.rules)
 * 1:14336 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX function call access (browser-plugins.rules)
 * 1:14338 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX clsid access (browser-plugins.rules)
 * 1:1434 <-> DISABLED <-> SERVER-WEBAPP .bash_history access (server-webapp.rules)
 * 1:14340 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX function call access (browser-plugins.rules)
 * 1:14342 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14344 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14346 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX function call access (browser-plugins.rules)
 * 1:14348 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14350 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX clsid access (browser-plugins.rules)
 * 1:14352 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX function call access (browser-plugins.rules)
 * 1:14354 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX clsid access (browser-plugins.rules)
 * 1:14356 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX function call access (browser-plugins.rules)
 * 1:14358 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14360 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14362 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14364 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:14366 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX clsid access (browser-plugins.rules)
 * 1:14368 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX function call access (browser-plugins.rules)
 * 1:14370 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX clsid access (browser-plugins.rules)
 * 1:14372 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX function call access (browser-plugins.rules)
 * 1:14374 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX clsid access (browser-plugins.rules)
 * 1:14376 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX function call access (browser-plugins.rules)
 * 1:14378 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX clsid access (browser-plugins.rules)
 * 1:14380 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX function call access (browser-plugins.rules)
 * 1:14382 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX clsid access (browser-plugins.rules)
 * 1:14384 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX function call access (browser-plugins.rules)
 * 1:14386 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX clsid access (browser-plugins.rules)
 * 1:14388 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX function call access (browser-plugins.rules)
 * 1:14394 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX clsid access (browser-plugins.rules)
 * 1:14396 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX function call access (browser-plugins.rules)
 * 1:14398 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX clsid access (browser-plugins.rules)
 * 1:14400 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX function call access (browser-plugins.rules)
 * 1:14402 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14404 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14406 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14408 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14410 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX clsid access (browser-plugins.rules)
 * 1:14412 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX function call access (browser-plugins.rules)
 * 1:14414 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:14420 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX clsid access (browser-plugins.rules)
 * 1:14422 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX function call access (browser-plugins.rules)
 * 1:14424 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14426 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14428 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:14430 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX clsid access (browser-plugins.rules)
 * 1:14432 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX function call access (browser-plugins.rules)
 * 1:14434 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14436 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX clsid access (browser-plugins.rules)
 * 1:14438 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX function call access (browser-plugins.rules)
 * 1:14440 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14442 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14444 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14446 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14448 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX clsid access (browser-plugins.rules)
 * 1:14450 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX function call access (browser-plugins.rules)
 * 1:14452 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX clsid access (browser-plugins.rules)
 * 1:14454 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX function call access (browser-plugins.rules)
 * 1:14456 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14458 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1446 <-> DISABLED <-> SERVER-MAIL vrfy root (server-mail.rules)
 * 1:14460 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14466 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14468 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX clsid access (browser-plugins.rules)
 * 1:14470 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX function call access (browser-plugins.rules)
 * 1:14472 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14474 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14476 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX clsid access (browser-plugins.rules)
 * 1:14478 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX function call access (browser-plugins.rules)
 * 1:14480 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX clsid access (browser-plugins.rules)
 * 1:14482 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX function call access (browser-plugins.rules)
 * 1:14484 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX clsid access (browser-plugins.rules)
 * 1:14486 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX function call access (browser-plugins.rules)
 * 1:14488 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14490 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14492 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14494 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14496 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14498 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14500 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX clsid access (browser-plugins.rules)
 * 1:14502 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX function call access (browser-plugins.rules)
 * 1:14504 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14506 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14508 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX clsid access (browser-plugins.rules)
 * 1:14510 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX function call access (browser-plugins.rules)
 * 1:14512 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14514 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX clsid access (browser-plugins.rules)
 * 1:14516 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX function call access (browser-plugins.rules)
 * 1:14518 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14520 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX clsid access (browser-plugins.rules)
 * 1:14522 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX function call access (browser-plugins.rules)
 * 1:14524 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14526 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX clsid access (browser-plugins.rules)
 * 1:14528 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX function call access (browser-plugins.rules)
 * 1:14530 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX clsid access (browser-plugins.rules)
 * 1:14532 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX function call access (browser-plugins.rules)
 * 1:14534 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14536 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14538 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:14540 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14542 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14544 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14546 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14548 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX clsid access (browser-plugins.rules)
 * 1:14550 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX function call access (browser-plugins.rules)
 * 1:14552 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX clsid access (browser-plugins.rules)
 * 1:14554 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX function call access (browser-plugins.rules)
 * 1:14556 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14558 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14560 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX clsid access (browser-plugins.rules)
 * 1:14562 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX function call access (browser-plugins.rules)
 * 1:14564 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14566 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14568 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14570 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14572 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX function call access (browser-plugins.rules)
 * 1:14574 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14576 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14578 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX clsid access (browser-plugins.rules)
 * 1:14580 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX function call access (browser-plugins.rules)
 * 1:14582 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14584 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:14586 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14588 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14590 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX clsid access (browser-plugins.rules)
 * 1:14592 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX function call access (browser-plugins.rules)
 * 1:14594 <-> DISABLED <-> BROWSER-PLUGINS Peachtree Accounting 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:14596 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:14598 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:14603 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (browser-plugins.rules)
 * 1:14605 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX function call access (browser-plugins.rules)
 * 1:14610 <-> ENABLED <-> SERVER-WEBAPP Joomla invalid token administrative password reset attempt (server-webapp.rules)
 * 1:14611 <-> ENABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14631 <-> DISABLED <-> BROWSER-PLUGINS SystemRequirementsLab ActiveX clsid access (browser-plugins.rules)
 * 1:14633 <-> DISABLED <-> BROWSER-PLUGINS PhotoStockPlus ActiveX clsid access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14637 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX clsid access (browser-plugins.rules)
 * 1:14639 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX function call access (browser-plugins.rules)
 * 1:14647 <-> ENABLED <-> OS-WINDOWS SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> ENABLED <-> OS-WINDOWS SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14649 <-> ENABLED <-> OS-WINDOWS SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> ENABLED <-> OS-WINDOWS SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> ENABLED <-> OS-WINDOWS SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> ENABLED <-> OS-WINDOWS SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14710 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP spoolss EnumJobs attempt (os-windows.rules)
 * 1:14725 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14726 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14737 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP host-integration bind attempt (os-windows.rules)
 * 1:14744 <-> DISABLED <-> BROWSER-PLUGINS Hummingbird HostExplorer ActiveX clsid access (browser-plugins.rules)
 * 1:14746 <-> DISABLED <-> BROWSER-PLUGINS Autodesk DWF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14748 <-> ENABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX clsid access (browser-plugins.rules)
 * 1:14750 <-> DISABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX function call access (browser-plugins.rules)
 * 1:14752 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX clsid access (browser-plugins.rules)
 * 1:14754 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX function call access (browser-plugins.rules)
 * 1:14756 <-> ENABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14760 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14764 <-> ENABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX clsid access (browser-plugins.rules)
 * 1:14765 <-> ENABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14768 <-> ENABLED <-> SERVER-OTHER Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt (server-other.rules)
 * 1:14774 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manger connectedNodes command injection attempt (server-other.rules)
 * 1:14775 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manger cdpnode command injection attempt (server-other.rules)
 * 1:14776 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager freeIPaddrs command injection attempt (server-other.rules)
 * 1:14778 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX clsid access (browser-plugins.rules)
 * 1:14780 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX function call access (browser-plugins.rules)
 * 1:14782 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14783 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:1489 <-> DISABLED <-> SERVER-WEBAPP /~nobody access (server-webapp.rules)
 * 1:14896 <-> ENABLED <-> OS-WINDOWS SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:1490 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php attempt (server-webapp.rules)
 * 1:1491 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php access (server-webapp.rules)
 * 1:1492 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser  directory traversal attempt (server-webapp.rules)
 * 1:1493 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser access (server-webapp.rules)
 * 1:14989 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Language header overflow attempt (server-webapp.rules)
 * 1:1499 <-> DISABLED <-> SERVER-WEBAPP SiteScope Service access (server-webapp.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:14992 <-> ENABLED <-> SERVER-WEBAPP Openwsman HTTP basic authentication buffer overflow attempt (server-webapp.rules)
 * 1:14993 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14995 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:14997 <-> DISABLED <-> BROWSER-PLUGINS DjVu MSOffice Converter ActiveX clsid access (browser-plugins.rules)
 * 1:14999 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX clsid access (browser-plugins.rules)
 * 1:1500 <-> DISABLED <-> SERVER-WEBAPP ExAir access (server-webapp.rules)
 * 1:15001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX function call access (browser-plugins.rules)
 * 1:15003 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15005 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX function call access (browser-plugins.rules)
 * 1:15007 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (browser-plugins.rules)
 * 1:15015 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt (os-windows.rules)
 * 1:15069 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui mdrmsap ActiveX clsid access (browser-plugins.rules)
 * 1:15081 <-> DISABLED <-> FILE-OTHER Oracle Java Web Start xml encoding buffer overflow attempt (file-other.rules)
 * 1:15084 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15088 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX clsid access (browser-plugins.rules)
 * 1:15090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX function call access (browser-plugins.rules)
 * 1:15092 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15094 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15098 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15100 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15122 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15127 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15128 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15129 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:15130 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15131 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:15132 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15133 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15134 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15135 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15136 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15137 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:15138 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15139 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:15140 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15141 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15142 <-> DISABLED <-> OS-WINDOWS SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15143 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin unicode vulnerable function attempt (server-mssql.rules)
 * 1:15144 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin vulnerable function attempt (server-mssql.rules)
 * 1:15150 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server login Authentication bypass attempt (pua-other.rules)
 * 1:15151 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server logout Authentication bypass attempt (pua-other.rules)
 * 1:15152 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup-index Authentication bypass attempt (pua-other.rules)
 * 1:15153 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup Authentication bypass attempt (pua-other.rules)
 * 1:15154 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server gif Authentication bypass attempt (pua-other.rules)
 * 1:15155 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server png Authentication bypass attempt (pua-other.rules)
 * 1:15156 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server serverdown Authentication bypass attempt (pua-other.rules)
 * 1:15159 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX clsid access (browser-plugins.rules)
 * 1:15161 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX function call access (browser-plugins.rules)
 * 1:15173 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX clsid access (browser-plugins.rules)
 * 1:15175 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX function call access (browser-plugins.rules)
 * 1:15177 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules)
 * 1:15179 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules)
 * 1:1518 <-> DISABLED <-> SERVER-WEBAPP nstelemetry.adp access (server-webapp.rules)
 * 1:15181 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX clsid access (browser-plugins.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15188 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:1519 <-> DISABLED <-> SERVER-WEBAPP apache ?M=D directory list attempt (server-webapp.rules)
 * 1:15190 <-> ENABLED <-> SERVER-WEBAPP Youngzsoft CCProxy CONNECT Request buffer overflow attempt (server-webapp.rules)
 * 1:15192 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX clsid access (browser-plugins.rules)
 * 1:15194 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX function call access (browser-plugins.rules)
 * 1:15196 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:1520 <-> DISABLED <-> SERVER-WEBAPP server-info access (server-webapp.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:1521 <-> DISABLED <-> SERVER-WEBAPP server-status access (server-webapp.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:1522 <-> DISABLED <-> SERVER-WEBAPP ans.pl attempt (server-webapp.rules)
 * 1:15220 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15228 <-> DISABLED <-> BROWSER-PLUGINS Ciansoft PDFBuilderX ActiveX clsid access (browser-plugins.rules)
 * 1:1523 <-> DISABLED <-> SERVER-WEBAPP ans.pl access (server-webapp.rules)
 * 1:15230 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Viewer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15232 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15234 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX function call access (browser-plugins.rules)
 * 1:1524 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD attempt (server-webapp.rules)
 * 1:15243 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX clsid access (browser-plugins.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15247 <-> DISABLED <-> BROWSER-PLUGINS JamDTA ActiveX clsid access (browser-plugins.rules)
 * 1:15249 <-> DISABLED <-> BROWSER-PLUGINS SmartVMD ActiveX clsid access (browser-plugins.rules)
 * 1:1525 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD access (server-webapp.rules)
 * 1:15251 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX clsid access (browser-plugins.rules)
 * 1:15253 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX function call access (browser-plugins.rules)
 * 1:1526 <-> DISABLED <-> SERVER-WEBAPP basilix sendmail.inc access (server-webapp.rules)
 * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX clsid access (browser-plugins.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:1527 <-> DISABLED <-> SERVER-WEBAPP basilix mysql.class access (server-webapp.rules)
 * 1:15270 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX clsid access (browser-plugins.rules)
 * 1:15272 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX function call access (browser-plugins.rules)
 * 1:15274 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX clsid access (browser-plugins.rules)
 * 1:15276 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX function call access (browser-plugins.rules)
 * 1:15278 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (browser-plugins.rules)
 * 1:1528 <-> DISABLED <-> SERVER-WEBAPP BBoard access (server-webapp.rules)
 * 1:15280 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX function call access (browser-plugins.rules)
 * 1:15282 <-> DISABLED <-> BROWSER-PLUGINS FlexCell Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15284 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX clsid access (browser-plugins.rules)
 * 1:15286 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX function call access (browser-plugins.rules)
 * 1:15288 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX clsid access (browser-plugins.rules)
 * 1:15290 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX function call access (browser-plugins.rules)
 * 1:15307 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX clsid access (browser-plugins.rules)
 * 1:15309 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX function call access (browser-plugins.rules)
 * 1:15311 <-> ENABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX clsid access (browser-plugins.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15315 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX clsid access (browser-plugins.rules)
 * 1:15317 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX function call access (browser-plugins.rules)
 * 1:15330 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15332 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15334 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX clsid access (browser-plugins.rules)
 * 1:15336 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX function call access (browser-plugins.rules)
 * 1:15338 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX clsid access (browser-plugins.rules)
 * 1:15340 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX function call access (browser-plugins.rules)
 * 1:15342 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX clsid access (browser-plugins.rules)
 * 1:15344 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX function call access (browser-plugins.rules)
 * 1:15346 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX clsid access (browser-plugins.rules)
 * 1:15348 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX function call access (browser-plugins.rules)
 * 1:15350 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX clsid access (browser-plugins.rules)
 * 1:15352 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX function call access (browser-plugins.rules)
 * 1:15368 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX clsid access (browser-plugins.rules)
 * 1:15370 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX function call access (browser-plugins.rules)
 * 1:15372 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX clsid access (browser-plugins.rules)
 * 1:15374 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX function call access (browser-plugins.rules)
 * 1:15376 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX clsid access (browser-plugins.rules)
 * 1:15378 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX function call access (browser-plugins.rules)
 * 1:1538 <-> DISABLED <-> NNTP AUTHINFO USER overflow attempt (nntp.rules)
 * 1:15380 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms v7 ActiveX clsid access (browser-plugins.rules)
 * 1:15387 <-> DISABLED <-> OS-WINDOWS udp WINS WPAD registration attempt (os-windows.rules)
 * 1:15424 <-> DISABLED <-> SERVER-WEBAPP phpBB mod shoutbox sql injection attempt (server-webapp.rules)
 * 1:15425 <-> DISABLED <-> SERVER-WEBAPP phpBB mod tag board sql injection attempt (server-webapp.rules)
 * 1:15432 <-> DISABLED <-> SERVER-WEBAPP wordpress cat parameter arbitrary file execution attempt (server-webapp.rules)
 * 1:15434 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (server-webapp.rules)
 * 1:1544 <-> DISABLED <-> SERVER-WEBAPP Cisco Catalyst command execution attempt (server-webapp.rules)
 * 1:15446 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory management console Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:1546 <-> DISABLED <-> SERVER-WEBAPP Cisco /%% DOS attempt (server-webapp.rules)
 * 1:15477 <-> DISABLED <-> SERVER-WEBAPP Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (server-webapp.rules)
 * 1:15485 <-> ENABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:15488 <-> ENABLED <-> SERVER-ORACLE Oracle Database Application Express Component APEX password hash disclosure attempt (server-oracle.rules)
 * 1:15489 <-> ENABLED <-> PUA-OTHER Cerulean Studios Trillian image filename handling XML tag overflow attempt (pua-other.rules)
 * 1:1549 <-> DISABLED <-> SERVER-MAIL HELO overflow attempt (server-mail.rules)
 * 1:15490 <-> ENABLED <-> OS-LINUX Linux SCTP malformed forward-tsn chunk arbitrary code execution attempt (os-linux.rules)
 * 1:15491 <-> DISABLED <-> SERVER-WEBAPP Subversion 1.0.2 dated-rev-report buffer overflow attempt (server-webapp.rules)
 * 1:1550 <-> DISABLED <-> SERVER-MAIL ETRN overflow attempt (server-mail.rules)
 * 1:1551 <-> DISABLED <-> SERVER-WEBAPP /CVS/Entries access (server-webapp.rules)
 * 1:15512 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:15513 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:1552 <-> DISABLED <-> SERVER-WEBAPP cvsweb version access (server-webapp.rules)
 * 1:15543 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX clsid access (browser-plugins.rules)
 * 1:15545 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX function call access (browser-plugins.rules)
 * 1:15547 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15549 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX function call access (browser-plugins.rules)
 * 1:15551 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15557 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EnjoySAP ActiveX clsid access (browser-plugins.rules)
 * 1:15574 <-> DISABLED <-> SERVER-MAIL MAIL FROM command overflow attempt (server-mail.rules)
 * 1:1558 <-> DISABLED <-> SERVER-WEBAPP Delegate whois overflow attempt (server-webapp.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1559 <-> DISABLED <-> SERVER-WEBAPP /doc/packages access (server-webapp.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:1560 <-> DISABLED <-> SERVER-WEBAPP /doc/ access (server-webapp.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:1563 <-> DISABLED <-> SERVER-WEBAPP login.htm attempt (server-webapp.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15638 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 32 ActiveX clsid access (browser-plugins.rules)
 * 1:1564 <-> DISABLED <-> SERVER-WEBAPP login.htm access (server-webapp.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15672 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> ENABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15680 <-> ENABLED <-> OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (os-windows.rules)
 * 1:15685 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15687 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15694 <-> ENABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:15711 <-> ENABLED <-> PUA-OTHER mIRC PRIVMSG message processing overflow attempt (pua-other.rules)
 * 1:15722 <-> ENABLED <-> SERVER-ORACLE Oracle database server Workspace Manager multiple SQL injection attempt (server-oracle.rules)
 * 1:15726 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules)
 * 1:1575 <-> DISABLED <-> SERVER-WEBAPP Domino mab.nsf access (server-webapp.rules)
 * 1:1576 <-> DISABLED <-> SERVER-WEBAPP Domino cersvr.nsf access (server-webapp.rules)
 * 1:1577 <-> DISABLED <-> SERVER-WEBAPP Domino setup.nsf access (server-webapp.rules)
 * 1:1578 <-> DISABLED <-> SERVER-WEBAPP Domino statrep.nsf access (server-webapp.rules)
 * 1:1579 <-> DISABLED <-> SERVER-WEBAPP Domino webadmin.nsf access (server-webapp.rules)
 * 1:1580 <-> DISABLED <-> SERVER-WEBAPP Domino events4.nsf access (server-webapp.rules)
 * 1:1581 <-> DISABLED <-> SERVER-WEBAPP Domino ntsync4.nsf access (server-webapp.rules)
 * 1:1582 <-> DISABLED <-> SERVER-WEBAPP Domino collect4.nsf access (server-webapp.rules)
 * 1:1583 <-> DISABLED <-> SERVER-WEBAPP Domino mailw46.nsf access (server-webapp.rules)
 * 1:1584 <-> DISABLED <-> SERVER-WEBAPP Domino bookmark.nsf access (server-webapp.rules)
 * 1:1585 <-> DISABLED <-> SERVER-WEBAPP Domino agentrunner.nsf access (server-webapp.rules)
 * 1:15850 <-> DISABLED <-> OS-WINDOWS Remote Desktop orderType remote code execution attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15858 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:1586 <-> DISABLED <-> SERVER-WEBAPP Domino mail.box access (server-webapp.rules)
 * 1:15860 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt (os-windows.rules)
 * 1:15861 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (browser-plugins.rules)
 * 1:15863 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX function call access (browser-plugins.rules)
 * 1:1587 <-> DISABLED <-> SERVER-WEBAPP cgitest.exe access (server-webapp.rules)
 * 1:15874 <-> DISABLED <-> SQL union select - possible sql injection attempt - POST parameter (sql.rules)
 * 1:15878 <-> DISABLED <-> BROWSER-PLUGINS AcerCtrls.APlunch ActiveX clsid access (browser-plugins.rules)
 * 1:1588 <-> DISABLED <-> SERVER-WEBAPP SalesLogix Eviewer access (server-webapp.rules)
 * 1:1589 <-> DISABLED <-> SERVER-WEBAPP musicat empower attempt (server-webapp.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15906 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15908 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt (server-webapp.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX function call access (browser-plugins.rules)
 * 1:15926 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX clsid access (browser-plugins.rules)
 * 1:15928 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX function call access (browser-plugins.rules)
 * 1:15942 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15953 <-> DISABLED <-> SERVER-WEBAPP Ipswitch IMail Calendaring arbitrary file read attempt (server-webapp.rules)
 * 1:15954 <-> DISABLED <-> SERVER-MAIL SpamAssassin malformed email header DoS attempt (server-mail.rules)
 * 1:15958 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Remote Management overflow attempt (server-webapp.rules)
 * 1:15965 <-> DISABLED <-> OS-WINDOWS Microsoft Explorer long share name buffer overflow attempt (os-windows.rules)
 * 1:15978 <-> DISABLED <-> SERVER-WEBAPP Macromedia JRun 4 mod_jrun buffer overflow attempt (server-webapp.rules)
 * 1:15982 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Gold DOS Device HTTP request denial of service attempt (server-webapp.rules)
 * 1:15990 <-> DISABLED <-> SERVER-WEBAPP Multiple Vendor server file disclosure attempt (server-webapp.rules)
 * 1:15998 <-> DISABLED <-> SERVER-OTHER HP OpenView Client Configuration Manager Radia Notify Daemon code execution attempt (server-other.rules)
 * 1:16006 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime color table id memory corruption attempt (file-multimedia.rules)
 * 1:16008 <-> ENABLED <-> OS-WINDOWS Multiple Products excessive HTTP 304 Not Modified responses exploit attempt (os-windows.rules)
 * 1:16016 <-> DISABLED <-> OS-WINDOWS Microsoft client for netware overflow attempt (os-windows.rules)
 * 1:16018 <-> DISABLED <-> SERVER-OTHER HP OpenView network node manager buffer overflow (server-other.rules)
 * 1:16028 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger parameters invalid memory access attempt (server-webapp.rules)
 * 1:1603 <-> DISABLED <-> SERVER-WEBAPP DELETE attempt (server-webapp.rules)
 * 1:16039 <-> ENABLED <-> SERVER-OTHER EMC Dantz Retrospect Backup Agent denial of service attempt (server-other.rules)
 * 1:1604 <-> DISABLED <-> SERVER-WEBAPP iChat directory traversal attempt (server-webapp.rules)
 * 1:16056 <-> DISABLED <-> SERVER-WEBAPP Symantec Scan Engine authentication bypass attempt (server-webapp.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16073 <-> ENABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16087 <-> DISABLED <-> FILE-OTHER Multiple vendor AV gateway virus detection bypass attempt (file-other.rules)
 * 1:16090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Core XML core services XMLHTTP control open method code execution attempt (browser-plugins.rules)
 * 1:1612 <-> DISABLED <-> SERVER-WEBAPP ftp.pl attempt (server-webapp.rules)
 * 1:16125 <-> DISABLED <-> MALWARE-OTHER Keylogger spyyahoo v2.2 runtime detection (malware-other.rules)
 * 1:16129 <-> DISABLED <-> MALWARE-OTHER Keylogger kamyab Keylogger v.3 runtime detection (malware-other.rules)
 * 1:1613 <-> DISABLED <-> SERVER-WEBAPP handler attempt (server-webapp.rules)
 * 1:16130 <-> DISABLED <-> MALWARE-OTHER Keylogger lord spy pro 1.4 runtime detection (malware-other.rules)
 * 1:16137 <-> DISABLED <-> MALWARE-OTHER Keylogger cheat monitor runtime detection (malware-other.rules)
 * 1:1614 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise gwweb.exe attempt (server-webapp.rules)
 * 1:1615 <-> DISABLED <-> SERVER-WEBAPP htgrep attempt (server-webapp.rules)
 * 1:16159 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (browser-plugins.rules)
 * 1:16161 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (browser-plugins.rules)
 * 1:16163 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (browser-plugins.rules)
 * 1:16165 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (browser-plugins.rules)
 * 1:16167 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LSASS integer wrap denial of service attempt (os-windows.rules)
 * 1:16168 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 integer overflow denial of service attempt (os-windows.rules)
 * 1:16194 <-> ENABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16195 <-> ENABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16199 <-> DISABLED <-> SERVER-MAIL SpamAssassin long message header denial of service attempt (server-mail.rules)
 * 1:16201 <-> DISABLED <-> SERVER-MAIL Ipswitch Collaboration Suite SMTP format string exploit attempt (server-mail.rules)
 * 1:16204 <-> ENABLED <-> SERVER-OTHER HP OpenView Network Node Manager ovlaunch host field overflow attempt (server-other.rules)
 * 1:16207 <-> DISABLED <-> SERVER-WEBAPP MIT Kerberos V% KAdminD klog_vsyslog server overflow attempt (server-webapp.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow (server-other.rules)
 * 1:16218 <-> DISABLED <-> SERVER-WEBAPP Content-Length request offset smuggling attempt (server-webapp.rules)
 * 1:16221 <-> DISABLED <-> OS-WINDOWS Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (os-windows.rules)
 * 1:16238 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:16239 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:16283 <-> DISABLED <-> SERVER-WEBAPP Borland StarTeam Multicast Service buffer overflow attempt (server-webapp.rules)
 * 1:16287 <-> ENABLED <-> OS-WINDOWS SMB Negotiate Protocol response DoS attempt (os-windows.rules)
 * 1:16288 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (file-other.rules)
 * 1:16305 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access (browser-plugins.rules)
 * 1:16307 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX function call access (browser-plugins.rules)
 * 1:16340 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:16352 <-> ENABLED <-> OS-LINUX Linux Kernel NFSD Subsystem overflow attempt (os-linux.rules)
 * 1:1636 <-> DISABLED <-> SERVER-OTHER Xtramail Username overflow attempt (server-other.rules)
 * 1:16371 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (browser-plugins.rules)
 * 1:16379 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui sapirrfc ActiveX clsid access (browser-plugins.rules)
 * 1:16386 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access (browser-plugins.rules)
 * 1:16388 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX function call access (browser-plugins.rules)
 * 1:16392 <-> ENABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0u7 authorization digest heap overflow (server-webapp.rules)
 * 1:16397 <-> DISABLED <-> OS-WINDOWS SMB andx invalid server name share access (os-windows.rules)
 * 1:16398 <-> DISABLED <-> OS-WINDOWS SMB invalid server name share access (os-windows.rules)
 * 1:16399 <-> DISABLED <-> OS-WINDOWS SMB unicode andx invalid server name share access (os-windows.rules)
 * 1:16400 <-> DISABLED <-> OS-WINDOWS SMB unicode invalid server name share access (os-windows.rules)
 * 1:16401 <-> DISABLED <-> OS-WINDOWS SMB andx invalid server name share access (os-windows.rules)
 * 1:16402 <-> DISABLED <-> OS-WINDOWS SMB invalid server name share access (os-windows.rules)
 * 1:16403 <-> DISABLED <-> OS-WINDOWS SMB unicode andx invalid server name share access (os-windows.rules)
 * 1:16404 <-> DISABLED <-> OS-WINDOWS SMB unicode invalid server name share access (os-windows.rules)
 * 1:16417 <-> ENABLED <-> OS-WINDOWS SMB Negotiate Protocol Response overflow attempt (os-windows.rules)
 * 1:16419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (browser-plugins.rules)
 * 1:16424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Script Host Shell Object ActiveX clsid access (browser-plugins.rules)
 * 1:16426 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method (server-webapp.rules)
 * 1:16427 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method (server-webapp.rules)
 * 1:16429 <-> ENABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - GET request (server-webapp.rules)
 * 1:16430 <-> ENABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - POST request (server-webapp.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16454 <-> ENABLED <-> OS-WINDOWS SMB Negotiate Protocol response DoS attempt - empty SMB 2 (os-windows.rules)
 * 1:16455 <-> DISABLED <-> MALWARE-OTHER Keylogger egyspy keylogger 1.13 runtime detection (malware-other.rules)
 * 1:16496 <-> ENABLED <-> MALWARE-CNC Win.Trojan.hacktool variant outbound connection (malware-cnc.rules)
 * 1:16510 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules)
 * 1:16511 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules)
 * 1:16514 <-> ENABLED <-> PUA-OTHER Trillian AIM XML tag handling heap buffer overflow attempt (pua-other.rules)
 * 1:16537 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules)
 * 1:16539 <-> ENABLED <-> OS-WINDOWS SMBv1 BytesNeeded ring0 buffer overflow attempt (os-windows.rules)
 * 1:16540 <-> DISABLED <-> OS-WINDOWS SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:16541 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules)
 * 1:16554 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:16555 <-> ENABLED <-> SERVER-WEBAPP HP Openview Network Node Manager OvAcceptLang overflow attempt (server-webapp.rules)
 * 1:16565 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office ActiveX clsid access (browser-plugins.rules)
 * 1:16566 <-> DISABLED <-> BROWSER-PLUGINS Tumbleweed SecureTransport ActiveX clsid access (browser-plugins.rules)
 * 1:16568 <-> DISABLED <-> BROWSER-PLUGINS Altnet Download Manager ADM4 ActiveX clsid access (browser-plugins.rules)
 * 1:16569 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX clsid access (browser-plugins.rules)
 * 1:16571 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX function call access (browser-plugins.rules)
 * 1:16573 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via unescape (browser-plugins.rules)
 * 1:16574 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via fromCharCode (browser-plugins.rules)
 * 1:16575 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:16579 <-> DISABLED <-> PUA-OTHER mIRC IRC URL buffer overflow attempt (pua-other.rules)
 * 1:16580 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access via object tag (browser-plugins.rules)
 * 1:16581 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX clsid unsafe function access attempt (browser-plugins.rules)
 * 1:16588 <-> ENABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX exploit attempt (browser-plugins.rules)
 * 1:16589 <-> ENABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX buffer overflows attempt (browser-plugins.rules)
 * 1:16590 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX exploit attempt (browser-plugins.rules)
 * 1:16591 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX exploit attempt (browser-plugins.rules)
 * 1:16599 <-> ENABLED <-> BROWSER-PLUGINS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16604 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX exploit attempt (browser-plugins.rules)
 * 1:16608 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:16609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (browser-plugins.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:1662 <-> DISABLED <-> SERVER-WEBAPP /~ftp access (server-webapp.rules)
 * 1:1663 <-> DISABLED <-> SERVER-WEBAPP *%20.pl access (server-webapp.rules)
 * 1:16635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt  (os-windows.rules)
 * 1:1664 <-> DISABLED <-> SERVER-WEBAPP mkplog.exe access (server-webapp.rules)
 * 1:1667 <-> DISABLED <-> SERVER-WEBAPP cross site scripting HTML Image tag set to javascript attempt (server-webapp.rules)
 * 1:16671 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access ActiveX exploit attempt (browser-plugins.rules)
 * 1:16672 <-> ENABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16674 <-> ENABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:16675 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX exploit attempt (browser-plugins.rules)
 * 1:16678 <-> DISABLED <-> SERVER-WEBAPP Tandberg VCS local file disclosure attempt (server-webapp.rules)
 * 1:16681 <-> DISABLED <-> SERVER-WEBAPP Basic Authorization string overflow attempt (server-webapp.rules)
 * 1:16682 <-> DISABLED <-> SERVER-WEBAPP Oracle ONE Web Server JSP source code disclosure attempt (server-webapp.rules)
 * 1:16687 <-> DISABLED <-> BROWSER-PLUGINS Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:1670 <-> DISABLED <-> SERVER-WEBAPP /home/ftp access (server-webapp.rules)
 * 1:16704 <-> ENABLED <-> BROWSER-PLUGINS CA eTrust PestPatrol 'ppctl.dll' ActiveX Initialize method overflow attempt (browser-plugins.rules)
 * 1:1671 <-> DISABLED <-> SERVER-WEBAPP /home/www access (server-webapp.rules)
 * 1:16711 <-> DISABLED <-> BROWSER-PLUGINS E-Book Systems FlipViewer FlipViewerX.dll activex clsid access ActiveX clsid access (browser-plugins.rules)
 * 1:16712 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - GET (server-webapp.rules)
 * 1:16713 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - POST (server-webapp.rules)
 * 1:16714 <-> ENABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX Control buffer overflow attempt (browser-plugins.rules)
 * 1:16715 <-> ENABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX control exploit attempt (browser-plugins.rules)
 * 1:16724 <-> DISABLED <-> OS-LINUX Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt (os-linux.rules)
 * 1:16725 <-> DISABLED <-> BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (browser-plugins.rules)
 * 1:16729 <-> ENABLED <-> BROWSER-PLUGINS McAfee Remediation client ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16740 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (browser-plugins.rules)
 * 1:16741 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (browser-plugins.rules)
 * 1:16745 <-> ENABLED <-> BROWSER-PLUGINS DjVu ActiveX control ImageURL property overflow attempt (browser-plugins.rules)
 * 1:16746 <-> ENABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX clsid access (browser-plugins.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16767 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX clsid access (browser-plugins.rules)
 * 1:16769 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (browser-plugins.rules)
 * 1:16771 <-> ENABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules)
 * 1:16772 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules)
 * 1:16774 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules)
 * 1:16776 <-> ENABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp 'keyhelp.ocx' ActiveX control multiple method overflow attempt (browser-plugins.rules)
 * 1:16779 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX clsid access (browser-plugins.rules)
 * 1:16781 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX function call access (browser-plugins.rules)
 * 1:16783 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (browser-plugins.rules)
 * 1:16784 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX function call access (browser-plugins.rules)
 * 1:16789 <-> ENABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 1 (browser-plugins.rules)
 * 1:16790 <-> ENABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 2 (browser-plugins.rules)
 * 1:16791 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX clsid access (browser-plugins.rules)
 * 1:16793 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX function call access (browser-plugins.rules)
 * 1:16802 <-> DISABLED <-> BROWSER-PLUGINS WinDVD IASystemInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17037 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:17042 <-> ENABLED <-> FILE-OTHER Microsoft LNK shortcut arbitary dll load attempt (file-other.rules)
 * 1:17049 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt via POST (server-webapp.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17051 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access (browser-plugins.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid unicode access (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX function call access (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX function call unicode access (browser-plugins.rules)
 * 1:17055 <-> ENABLED <-> SERVER-ORACLE Oracle Database DBMS TNS Listener denial of service attempt (server-oracle.rules)
 * 1:17060 <-> ENABLED <-> BROWSER-PLUGINS Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17061 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Personal Firewall 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:17063 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17065 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17067 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 3 ActiveX clsid access (browser-plugins.rules)
 * 1:17069 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 4 ActiveX clsid access (browser-plugins.rules)
 * 1:17071 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 5 ActiveX clsid access (browser-plugins.rules)
 * 1:17073 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:17075 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (browser-plugins.rules)
 * 1:17077 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17078 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX clsid access (browser-plugins.rules)
 * 1:17080 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX function call access (browser-plugins.rules)
 * 1:17082 <-> DISABLED <-> BROWSER-PLUGINS SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:17084 <-> DISABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine ActiveX clsid access (browser-plugins.rules)
 * 1:17086 <-> ENABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17087 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:17089 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:17091 <-> ENABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (browser-plugins.rules)
 * 1:17092 <-> ENABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17094 <-> ENABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call access (browser-plugins.rules)
 * 1:17096 <-> DISABLED <-> BROWSER-PLUGINS AOL WinAmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17098 <-> ENABLED <-> BROWSER-PLUGINS AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (browser-plugins.rules)
 * 1:17099 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17101 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (browser-plugins.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17109 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Console logging functionality format string exploit attempt (server-oracle.rules)
 * 1:17112 <-> DISABLED <-> OS-WINDOWS DCERPC rpcss2 _RemoteGetClassObject attempt (os-windows.rules)
 * 1:17125 <-> DISABLED <-> OS-WINDOWS SMB Trans2 MaxDataCount overflow attempt (os-windows.rules)
 * 1:17137 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules)
 * 1:17140 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules)
 * 1:17157 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 1 (server-webapp.rules)
 * 1:17158 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 2 (server-webapp.rules)
 * 1:17159 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 3 (server-webapp.rules)
 * 1:17160 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (browser-plugins.rules)
 * 1:17161 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX clsid access (browser-plugins.rules)
 * 1:17163 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX function call access (browser-plugins.rules)
 * 1:17167 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17169 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17171 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (browser-plugins.rules)
 * 1:17173 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (browser-plugins.rules)
 * 1:17175 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (browser-plugins.rules)
 * 1:17177 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (browser-plugins.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17249 <-> ENABLED <-> OS-WINDOWS Microsoft Windows LSASS integer overflow attempt (os-windows.rules)
 * 1:17266 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17267 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17275 <-> DISABLED <-> SERVER-MAIL Symantec Brightmail AntiSpam nested Zip handling denial of service attempt (server-mail.rules)
 * 1:17279 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17281 <-> DISABLED <-> FILE-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (file-other.rules)
 * 1:17282 <-> DISABLED <-> SERVER-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (server-other.rules)
 * 1:17286 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic for Applications document properties overflow attempt (file-other.rules)
 * 1:17287 <-> DISABLED <-> SERVER-WEBAPP Cisco IOS HTTP service HTML injection attempt (server-webapp.rules)
 * 1:17294 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT Helper DNS query denial of service attempt (os-windows.rules)
 * 1:17295 <-> ENABLED <-> SERVER-WEBAPP Trend Micro OfficeScan Console authentication buffer overflow attempt (server-webapp.rules)
 * 1:17298 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Monitoring Express Universal Agent Buffer Overflow (server-other.rules)
 * 1:17302 <-> DISABLED <-> OS-LINUX Linux kernel SCTP Unknown Chunk Types denial of service attempt (os-linux.rules)
 * 1:17306 <-> ENABLED <-> OS-WINDOWS Microsoft Malware Protection Engine file processing denial of service attempt (os-windows.rules)
 * 1:17317 <-> DISABLED <-> SERVER-OTHER OpenSSH sshd Identical Blocks DOS attempt (server-other.rules)
 * 1:17332 <-> DISABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17333 <-> DISABLED <-> SERVER-MAIL Lotus Notes Attachment Viewer UUE file buffer overflow attempt (server-mail.rules)
 * 1:17334 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer SWF Flash File buffer overflow attempt (file-flash.rules)
 * 1:17357 <-> ENABLED <-> PUA-OTHER AOL GAIM AIM-ICQ Protocol Handling buffer overflow attempt (pua-other.rules)
 * 1:1736 <-> DISABLED <-> SERVER-WEBAPP squirrel mail spell-check arbitrary command attempt (server-webapp.rules)
 * 1:1737 <-> DISABLED <-> SERVER-WEBAPP squirrel mail theme arbitrary command attempt (server-webapp.rules)
 * 1:17370 <-> DISABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17371 <-> DISABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17376 <-> ENABLED <-> SERVER-WEBAPP IBM Lotus Expeditor cai URI handler command execution attempt (server-webapp.rules)
 * 1:1738 <-> DISABLED <-> SERVER-WEBAPP global.inc access (server-webapp.rules)
 * 1:1739 <-> DISABLED <-> SERVER-WEBAPP DNSTools administrator authentication bypass attempt (server-webapp.rules)
 * 1:1740 <-> DISABLED <-> SERVER-WEBAPP DNSTools authentication bypass attempt (server-webapp.rules)
 * 1:1741 <-> DISABLED <-> SERVER-WEBAPP DNSTools access (server-webapp.rules)
 * 1:17410 <-> DISABLED <-> OS-WINDOWS Generic HyperLink buffer overflow attempt (os-windows.rules)
 * 1:1742 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php modify user attempt (server-webapp.rules)
 * 1:17420 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt (server-webapp.rules)
 * 1:17423 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Buffer Overflow attempt (server-webapp.rules)
 * 1:17425 <-> ENABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (browser-plugins.rules)
 * 1:17427 <-> DISABLED <-> SERVER-ORACLE Oracle database DBMS_Scheduler privilege escalation attempt (server-oracle.rules)
 * 1:1743 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php access (server-webapp.rules)
 * 1:17432 <-> DISABLED <-> SERVER-WEBAPP Squid Gopher protocol handling buffer overflow attempt (server-webapp.rules)
 * 1:17435 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (os-windows.rules)
 * 1:17436 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:17437 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (os-windows.rules)
 * 1:17438 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:1744 <-> DISABLED <-> SERVER-WEBAPP SecureSite authentication bypass attempt (server-webapp.rules)
 * 1:17447 <-> DISABLED <-> SERVER-WEBAPP 407 Proxy Authentication Required (server-webapp.rules)
 * 1:17449 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks patch management SQL injection attempt (server-webapp.rules)
 * 1:1745 <-> DISABLED <-> SERVER-WEBAPP Messagerie supp_membre.php access (server-webapp.rules)
 * 1:17450 <-> DISABLED <-> SERVER-WEBAPP CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt (server-webapp.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17466 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (browser-plugins.rules)
 * 1:17486 <-> DISABLED <-> SERVER-WEBAPP Trend Micro Control Manager Chunked overflow attempt (server-webapp.rules)
 * 1:17521 <-> DISABLED <-> SERVER-OTHER GoodTech SSH Server SFTP Processing Buffer Overflow (server-other.rules)
 * 1:17530 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (server-other.rules)
 * 1:17534 <-> DISABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17535 <-> ENABLED <-> SERVER-OTHER Apple CUPS Text to PostScript Filter Integer Overflow attempt (server-other.rules)
 * 1:17536 <-> DISABLED <-> SERVER-WEBAPP Free Download Manager Remote Control Server HTTP Auth Header buffer overflow attempt (server-webapp.rules)
 * 1:17545 <-> ENABLED <-> BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (browser-plugins.rules)
 * 1:17551 <-> DISABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:17555 <-> ENABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX exploit attempt (browser-plugins.rules)
 * 1:17557 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX operation parameter overflow (browser-plugins.rules)
 * 1:17562 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt (file-other.rules)
 * 1:1757 <-> DISABLED <-> SERVER-WEBAPP b2 arbitrary command execution attempt (server-webapp.rules)
 * 1:17571 <-> ENABLED <-> BROWSER-PLUGINS obfuscated instantiation of ActiveX object - likely malicious (browser-plugins.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS SizerOne 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17582 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus CcErrDisp ActiveX function call access (browser-plugins.rules)
 * 1:17586 <-> DISABLED <-> FILE-OTHER Oracle Java Web Start malicious parameter value (file-other.rules)
 * 1:17587 <-> DISABLED <-> BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (browser-plugins.rules)
 * 1:17588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Install Engine ActiveX clsid access (browser-plugins.rules)
 * 1:17592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MyInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17593 <-> ENABLED <-> BROWSER-PLUGINS Microsoft msdxm.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:17594 <-> ENABLED <-> BROWSER-PLUGINS Microsoft creator.dll 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17595 <-> ENABLED <-> BROWSER-PLUGINS Microsoft creator.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17596 <-> ENABLED <-> BROWSER-PLUGINS Microsoft ciodm.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17597 <-> ENABLED <-> SERVER-WEBAPP TikiWiki jhot.php script file upload attempt (server-webapp.rules)
 * 1:17609 <-> ENABLED <-> SERVER-WEBAPP Oracle Java Web Server Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:17614 <-> ENABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX clsid access (browser-plugins.rules)
 * 1:17616 <-> ENABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX function call access (browser-plugins.rules)
 * 1:17631 <-> ENABLED <-> FILE-OTHER Oracle Java Web Start JNLP java-vm-args buffer overflow attempt (file-other.rules)
 * 1:17651 <-> DISABLED <-> FILE-OTHER Multiple AV vendor invalid archive checksum bypass attempt (file-other.rules)
 * 1:17654 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX exploit attempt (browser-plugins.rules)
 * 1:1766 <-> DISABLED <-> SERVER-WEBAPP search.dll directory listing attempt (server-webapp.rules)
 * 1:17669 <-> ENABLED <-> SERVER-ORACLE Oracle Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:1767 <-> DISABLED <-> SERVER-WEBAPP search.dll access (server-webapp.rules)
 * 1:17670 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX clsid access (browser-plugins.rules)
 * 1:17672 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX function call access (browser-plugins.rules)
 * 1:17674 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (browser-plugins.rules)
 * 1:17676 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (browser-plugins.rules)
 * 1:1769 <-> DISABLED <-> SERVER-WEBAPP .DS_Store access (server-webapp.rules)
 * 1:17698 <-> DISABLED <-> SERVER-MAIL RealNetworks RealPlayer wav chunk string overflow attempt in email (server-mail.rules)
 * 1:1770 <-> DISABLED <-> SERVER-WEBAPP .FBCIndex access (server-webapp.rules)
 * 1:17701 <-> ENABLED <-> BROWSER-PLUGINS Office Viewer ActiveX arbitrary command execution attempt (browser-plugins.rules)
 * 1:17704 <-> DISABLED <-> FILE-OTHER McAfee LHA file parsing buffer overflow attempt (file-other.rules)
 * 1:17706 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup java user interface service format string attack attempt (server-other.rules)
 * 1:17712 <-> DISABLED <-> OS-WINDOWS TFTP PUT Microsoft RIS filename overwrite attempt (os-windows.rules)
 * 1:17716 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:17718 <-> DISABLED <-> SERVER-ORACLE Oracle MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:17723 <-> ENABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules)
 * 1:17724 <-> DISABLED <-> OS-WINDOWS malicious ASP file upload attempt (os-windows.rules)
 * 1:1773 <-> DISABLED <-> SERVER-WEBAPP php.exe access (server-webapp.rules)
 * 1:17736 <-> DISABLED <-> SERVER-MAIL McAfee LHA Type-2 file handling overflow attempt (server-mail.rules)
 * 1:17737 <-> DISABLED <-> SERVER-MAIL Microsoft collaboration data objects buffer overflow attempt (server-mail.rules)
 * 1:1774 <-> DISABLED <-> SERVER-WEBAPP bb_smilies.php access (server-webapp.rules)
 * 1:17746 <-> DISABLED <-> OS-WINDOWS SMB client TRANS response Find_First2 filename overflow attempt (os-windows.rules)
 * 1:17772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:17777 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow (server-mail.rules)
 * 1:17780 <-> DISABLED <-> OS-WINDOWS CBO CBL CBM buffer overflow attempt (os-windows.rules)
 * 1:1792 <-> DISABLED <-> NNTP return code buffer overflow attempt (nntp.rules)
 * 1:1807 <-> DISABLED <-> SERVER-WEBAPP Chunked-Encoding transfer attempt (server-webapp.rules)
 * 1:18072 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG external redirect attempt (os-windows.rules)
 * 1:18073 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG arbitrary embedded scripting attempt (os-windows.rules)
 * 1:1808 <-> DISABLED <-> SERVER-WEBAPP apache chunked encoding memory corruption exploit attempt (server-webapp.rules)
 * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console Plug-In ActiveX clsid access (browser-plugins.rules)
 * 1:1810 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit GOBBLE (server-other.rules)
 * 1:1811 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit uname (server-other.rules)
 * 1:1814 <-> DISABLED <-> SERVER-WEBAPP CISCO VoIP DOS ATTEMPT (server-webapp.rules)
 * 1:1815 <-> DISABLED <-> SERVER-WEBAPP directory.php arbitrary command attempt (server-webapp.rules)
 * 1:1816 <-> DISABLED <-> SERVER-WEBAPP directory.php access (server-webapp.rules)
 * 1:18181 <-> DISABLED <-> PROTOCOL-FTP ProFTPd 1.3.3c backdoor activity (protocol-ftp.rules)
 * 1:18182 <-> DISABLED <-> PROTOCOL-FTP ProFTPd 1.3.3c backdoor help access attempt (protocol-ftp.rules)
 * 1:1819 <-> DISABLED <-> SERVER-OTHER Alcatel PABX 4400 connection attempt (server-other.rules)
 * 1:18195 <-> DISABLED <-> OS-WINDOWS SMB Negotiate Protocol response DoS attempt (os-windows.rules)
 * 1:18197 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:18198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:18199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:1820 <-> DISABLED <-> SERVER-WEBAPP IBM Net.Commerce orderdspc.d2w access (server-webapp.rules)
 * 1:18211 <-> ENABLED <-> OS-WINDOWS Microsoft Movie Maker hhctrl.ocx dll-load exploit attempt (os-windows.rules)
 * 1:18215 <-> DISABLED <-> OS-WINDOWS NETAPI RPC interface reboot attempt (os-windows.rules)
 * 1:18241 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:18242 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18244 <-> ENABLED <-> FILE-OTHER Oracle Java browser plugin docbase overflow attempt (file-other.rules)
 * 1:18245 <-> ENABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules)
 * 1:1826 <-> DISABLED <-> SERVER-WEBAPP WEB-INF access (server-webapp.rules)
 * 1:18266 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:18267 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:1828 <-> DISABLED <-> SERVER-WEBAPP iPlanet Search directory traversal attempt (server-webapp.rules)
 * 1:18291 <-> ENABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> ENABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:1831 <-> DISABLED <-> SERVER-WEBAPP jigsaw dos attempt (server-webapp.rules)
 * 1:18311 <-> ENABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters unauthorized file upload attempt (server-webapp.rules)
 * 1:18315 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrValidateName2 overflow attempt (os-windows.rules)
 * 1:18319 <-> DISABLED <-> NETBIOS Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (netbios.rules)
 * 1:18321 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX clsid access (browser-plugins.rules)
 * 1:18322 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX function call access (browser-plugins.rules)
 * 1:18323 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:18324 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:18325 <-> DISABLED <-> BROWSER-PLUGINS Image Viewer CP Gold 6 ActiveX clsid access (browser-plugins.rules)
 * 1:18329 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18333 <-> DISABLED <-> SERVER-WEBAPP phpBook date command execution attempt (server-webapp.rules)
 * 1:18334 <-> DISABLED <-> SERVER-WEBAPP phpBook mail command execution attempt (server-webapp.rules)
 * 1:1834 <-> DISABLED <-> SERVER-WEBAPP PHP-Wiki cross site scripting attempt (server-webapp.rules)
 * 1:1835 <-> DISABLED <-> SERVER-WEBAPP Macromedia SiteSpring cross site scripting attempt (server-webapp.rules)
 * 1:1839 <-> DISABLED <-> SERVER-WEBAPP mailman cross site scripting attempt (server-webapp.rules)
 * 1:18396 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Hypervisor OS-WINDOWS vfd download attempt (os-windows.rules)
 * 1:18397 <-> DISABLED <-> SERVER-OTHER HP DDMI Agent spoofing - command execution (server-other.rules)
 * 1:1840 <-> DISABLED <-> FILE-OTHER Oracle Javascript document.domain attempt (file-other.rules)
 * 1:18408 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:1841 <-> DISABLED <-> FILE-OTHER Oracle Javascript URL host spoofing attempt (file-other.rules)
 * 1:18413 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18426 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (file-other.rules)
 * 1:18433 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (file-other.rules)
 * 1:18434 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (file-other.rules)
 * 1:18435 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (file-other.rules)
 * 1:18436 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (file-other.rules)
 * 1:18437 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (file-other.rules)
 * 1:18438 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (file-other.rules)
 * 1:18447 <-> ENABLED <-> FILE-FLASH Adobe OpenAction crafted URI action thru Firefox attempt (file-flash.rules)
 * 1:18460 <-> ENABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules)
 * 1:18465 <-> DISABLED <-> SERVER-WEBAPP FreePBX recording interface file upload code execution attempt (server-webapp.rules)
 * 1:18466 <-> DISABLED <-> SERVER-WEBAPP raSMP User-Agent XSS injection attempt (server-webapp.rules)
 * 1:18467 <-> DISABLED <-> SERVER-WEBAPP raSMP User-Agent XSS injection attempt (server-webapp.rules)
 * 1:1847 <-> DISABLED <-> SERVER-WEBAPP webalizer access (server-webapp.rules)
 * 1:18470 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via URI (server-webapp.rules)
 * 1:18471 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via POST (server-webapp.rules)
 * 1:18475 <-> DISABLED <-> SERVER-WEBAPP HP Openview OvWebHelp.exe buffer overflow (server-webapp.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18477 <-> DISABLED <-> SERVER-MAIL Lotus Notes MIF viewer statement data overflow 2 (server-mail.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:1848 <-> DISABLED <-> SERVER-WEBAPP webcart-lite access (server-webapp.rules)
 * 1:18480 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - userid parameter (server-webapp.rules)
 * 1:18481 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - password parameter (server-webapp.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:1849 <-> DISABLED <-> SERVER-WEBAPP webfind.exe access (server-webapp.rules)
 * 1:18490 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:18491 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX ProgID access (browser-plugins.rules)
 * 1:18494 <-> DISABLED <-> OS-WINDOWS Microsoft product .dll dll-load exploit attempt (os-windows.rules)
 * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules)
 * 1:1851 <-> DISABLED <-> SERVER-WEBAPP active.log access (server-webapp.rules)
 * 1:1852 <-> DISABLED <-> SERVER-WEBAPP robots.txt access (server-webapp.rules)
 * 1:18530 <-> ENABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18542 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules)
 * 1:18555 <-> DISABLED <-> SERVER-OTHER VERITAS NetBackup java authentication service format string exploit attempt (server-other.rules)
 * 1:18556 <-> DISABLED <-> SERVER-WEBAPP Symantec IM manager IMAdminReportTrendFormRun.asp sql injection attempt (server-webapp.rules)
 * 1:18559 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:18560 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:1857 <-> DISABLED <-> SERVER-WEBAPP robot.txt access (server-webapp.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18578 <-> ENABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules)
 * 1:18579 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:1858 <-> DISABLED <-> SERVER-WEBAPP CISCO PIX Firewall Manager directory traversal attempt (server-webapp.rules)
 * 1:18586 <-> DISABLED <-> SERVER-WEBAPP Visuplay CMS news_article.php unspecified SQL injection attempt  (server-webapp.rules)
 * 1:18587 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (server-other.rules)
 * 1:1859 <-> DISABLED <-> SERVER-WEBAPP Oracle JavaServer default password login attempt (server-webapp.rules)
 * 1:18590 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:18592 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:18594 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18595 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18598 <-> DISABLED <-> SERVER-OTHER GoodTech SSH Server SFTP Processing Buffer Overflow (server-other.rules)
 * 1:1860 <-> DISABLED <-> SERVER-WEBAPP Linksys router default password login attempt (server-webapp.rules)
 * 1:18601 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:1861 <-> DISABLED <-> SERVER-WEBAPP Linksys router default username and password login attempt (server-webapp.rules)
 * 1:18611 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18612 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18613 <-> ENABLED <-> SERVER-WEBAPP Oracle Java Web Server Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18624 <-> ENABLED <-> OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (os-windows.rules)
 * 1:18625 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc40.dll dll-load exploit attempt (os-windows.rules)
 * 1:18626 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc42.dll dll-load exploit attempt (os-windows.rules)
 * 1:18627 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc80.dll dll-load exploit attempt (os-windows.rules)
 * 1:18628 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc90.dll dll-load exploit attempt (os-windows.rules)
 * 1:18629 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc100.dll dll-load exploit attempt (os-windows.rules)
 * 1:18668 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules)
 * 1:18678 <-> DISABLED <-> SERVER-WEBAPP osCommerce categories.php Arbitrary File Upload And Code Execution (server-webapp.rules)
 * 1:1871 <-> DISABLED <-> SERVER-WEBAPP Oracle XSQLConfig.xml access (server-webapp.rules)
 * 1:1872 <-> DISABLED <-> SERVER-WEBAPP Oracle Dynamic Monitoring Services dms access (server-webapp.rules)
 * 1:1873 <-> DISABLED <-> SERVER-WEBAPP globals.jsa access (server-webapp.rules)
 * 1:1874 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Process Manager access (server-webapp.rules)
 * 1:18741 <-> DISABLED <-> BROWSER-PLUGINS CrystalReports EnterpriseControls ActiveX clsid access (browser-plugins.rules)
 * 1:18742 <-> DISABLED <-> SERVER-WEBAPP IBM WebSphere Expect header cross-site scripting (server-webapp.rules)
 * 1:18743 <-> DISABLED <-> SERVER-WEBAPP VLC player web interface format string attack (server-webapp.rules)
 * 1:18745 <-> ENABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules)
 * 1:18751 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT HTTP Authentication overflow attempt (server-webapp.rules)
 * 1:18759 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules)
 * 1:18760 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules)
 * 1:18765 <-> ENABLED <-> SERVER-MAIL Majordomo2 smtp directory traversal attempt (server-mail.rules)
 * 1:18768 <-> ENABLED <-> SERVER-MAIL Novell GroupWise internet agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18792 <-> ENABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (server-webapp.rules)
 * 1:18793 <-> ENABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (server-webapp.rules)
 * 1:18794 <-> ENABLED <-> SERVER-WEBAPP RedHat JBoss Enterprise Application Platform JMX authentication bypass attempt (server-webapp.rules)
 * 1:18795 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules)
 * 1:18796 <-> DISABLED <-> SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (server-webapp.rules)
 * 1:18797 <-> ENABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules)
 * 1:1880 <-> DISABLED <-> SERVER-WEBAPP oracle web application server access (server-webapp.rules)
 * 1:18802 <-> ENABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules)
 * 1:18803 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Runtime CMM readMabCurveData buffer overflow attempt (server-webapp.rules)
 * 1:18804 <-> DISABLED <-> SERVER-WEBAPP OpenLDAP Modrdn utf-8 string code execution attempt (server-webapp.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (server-mail.rules)
 * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP/1.1 request, Potentially worm attack (server-webapp.rules)
 * 1:1887 <-> DISABLED <-> SERVER-OTHER OpenSSL Worm traffic (server-other.rules)
 * 1:18902 <-> DISABLED <-> SERVER-WEBAPP Novell Teaming ajaxUploadImageFile remote code execution attempt (server-webapp.rules)
 * 1:18904 <-> DISABLED <-> BROWSER-PLUGINS KingView ActiveX clsid access (browser-plugins.rules)
 * 1:18905 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> ENABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18930 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules)
 * 1:18932 <-> ENABLED <-> SERVER-WEBAPP Jboss default configuration unauthorized application add attempt (server-webapp.rules)
 * 1:1894 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1895 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18959 <-> DISABLED <-> SERVER-WEBAPP VMware SpringSource Spring Framework class.classloader remote code execution attempt (server-webapp.rules)
 * 1:1896 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1897 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18974 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX clsid access (browser-plugins.rules)
 * 1:18975 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (browser-plugins.rules)
 * 1:1898 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1899 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18993 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules)
 * 1:18997 <-> DISABLED <-> OS-LINUX Linux kernel sctp_rcv_ootb invalid chunk length DoS attempt (os-linux.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules)
 * 1:19085 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19086 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX function call (browser-plugins.rules)
 * 1:19100 <-> DISABLED <-> FILE-OTHER Oracle Java Soundbank resource name overflow attempt (file-other.rules)
 * 1:19101 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Server Admin Server denial of service attempt (server-oracle.rules)
 * 1:19102 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19103 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (browser-plugins.rules)
 * 1:19104 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Cell Manager heap overflow attempt (server-other.rules)
 * 1:19106 <-> DISABLED <-> MALWARE-OTHER Keylogger Ardamax keylogger runtime detection - http (malware-other.rules)
 * 1:19108 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:19109 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:19110 <-> ENABLED <-> SERVER-WEBAPP IBM Rational Quality Manager and Test Lab Manager policy bypass attempt (server-webapp.rules)
 * 1:19137 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules)
 * 1:19138 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19139 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules)
 * 1:19140 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:19142 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager IMAdminScheduleReport.asp SQL injection attempt (server-webapp.rules)
 * 1:19151 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules)
 * 1:19152 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules)
 * 1:19155 <-> ENABLED <-> SERVER-WEBAPP HP Data Protector Media Operations SignInName Parameter overflow attempt (server-webapp.rules)
 * 1:19168 <-> ENABLED <-> SERVER-WEBAPP Oracle GoldenGate Veridata Server soap request overflow attempt (server-webapp.rules)
 * 1:19176 <-> DISABLED <-> SERVER-WEBAPP cookiejacking attempt (server-webapp.rules)
 * 1:19177 <-> DISABLED <-> SERVER-WEBAPP cookiejacking attempt (server-webapp.rules)
 * 1:19189 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:19191 <-> DISABLED <-> OS-WINDOWS SMB2 zero length write attempt (os-windows.rules)
 * 1:19193 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules)
 * 1:19194 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19195 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19197 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (browser-plugins.rules)
 * 1:19198 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (browser-plugins.rules)
 * 1:19199 <-> DISABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules)
 * 1:19209 <-> ENABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules)
 * 1:19221 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules)
 * 1:19290 <-> ENABLED <-> FILE-OTHER Microsoft LNK shortcut arbitary dll load attempt (file-other.rules)
 * 1:19304 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX clsid access (browser-plugins.rules)
 * 1:19305 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX function call access (browser-plugins.rules)
 * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules)
 * 1:19318 <-> DISABLED <-> MALWARE-OTHER LOIC UDP default U dun goofed attack (malware-other.rules)
 * 1:19319 <-> DISABLED <-> MALWARE-OTHER LOIC TDP default U dun goofed attack (malware-other.rules)
 * 1:19324 <-> DISABLED <-> MALWARE-OTHER Keylogger WL-Keylogger inbound connection (malware-other.rules)
 * 1:19325 <-> DISABLED <-> MALWARE-OTHER Keylogger WL-Keylogger outbound connection (malware-other.rules)
 * 1:19392 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:1943 <-> DISABLED <-> SERVER-WEBAPP /Carello/add.exe access (server-webapp.rules)
 * 1:1944 <-> DISABLED <-> SERVER-WEBAPP /ecscripts/ecware.exe access (server-webapp.rules)
 * 1:19441 <-> ENABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules)
 * 1:1946 <-> DISABLED <-> SERVER-WEBAPP answerbook2 admin attempt (server-webapp.rules)
 * 1:19464 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS integer overflow attempt (os-windows.rules)
 * 1:19465 <-> DISABLED <-> OS-WINDOWS Visio mfc71 dll-load exploit attempt (os-windows.rules)
 * 1:19467 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (os-windows.rules)
 * 1:19468 <-> DISABLED <-> OS-WINDOWS Microsoft stale data code execution attempt (os-windows.rules)
 * 1:19469 <-> DISABLED <-> OS-WINDOWS Microsoft invalid message kernel-mode memory disclosure attempt (os-windows.rules)
 * 1:1947 <-> DISABLED <-> SERVER-WEBAPP answerbook2 arbitrary command execution attempt (server-webapp.rules)
 * 1:19553 <-> ENABLED <-> SERVER-WEBAPP phpMyAdmin session_to_unset session variable injection attempt (server-webapp.rules)
 * 1:19558 <-> DISABLED <-> SERVER-WEBAPP JBoss expression language actionOutcome remote code execution (server-webapp.rules)
 * 1:19561 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer ieframe.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19562 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19563 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19564 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19565 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19603 <-> DISABLED <-> FILE-OTHER Oracle Java Runtime Environment .hotspotrc file load exploit attempt (file-other.rules)
 * 1:19604 <-> DISABLED <-> FILE-OTHER Oracle Java Runtime Environment .hotspot_compiler file load exploit attempt (file-other.rules)
 * 1:19610 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:19617 <-> DISABLED <-> FILE-OTHER Adobe Audition assist.dll dll-load exploit attempt (file-other.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Adobe multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19645 <-> DISABLED <-> SERVER-WEBAPP cross-site scripting attempt via form data attempt (server-webapp.rules)
 * 1:19650 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect ActiveX clsid access (browser-plugins.rules)
 * 1:19651 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect ActiveX function call access (browser-plugins.rules)
 * 1:19653 <-> ENABLED <-> SERVER-WEBAPP Wordpress timthumb.php theme remote file include attack attempt (server-webapp.rules)
 * 1:1967 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php arbitrary command attempt (server-webapp.rules)
 * 1:19673 <-> DISABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules)
 * 1:19677 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:1968 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php access (server-webapp.rules)
 * 1:19684 <-> DISABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules)
 * 1:1969 <-> DISABLED <-> SERVER-WEBAPP ion-p access (server-webapp.rules)
 * 1:19741 <-> DISABLED <-> MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (malware-other.rules)
 * 1:1977 <-> DISABLED <-> SERVER-WEBAPP xp_regwrite attempt (server-webapp.rules)
 * 1:19779 <-> ENABLED <-> SERVER-WEBAPP sqlmap SQL injection scan attempt (server-webapp.rules)
 * 1:1978 <-> DISABLED <-> SERVER-WEBAPP xp_regdeletekey attempt (server-webapp.rules)
 * 1:1979 <-> DISABLED <-> SERVER-WEBAPP perl post attempt (server-webapp.rules)
 * 1:19813 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter Agent XMLK parsing stack bugger overflow attempt (server-webapp.rules)
 * 1:19826 <-> ENABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:19869 <-> DISABLED <-> MALWARE-TOOLS Anonymous PHP RefRef DoS tool (malware-tools.rules)
 * 1:1987 <-> DISABLED <-> SERVER-OTHER xfs overflow attempt (server-other.rules)
 * 1:19870 <-> DISABLED <-> MALWARE-TOOLS Anonymous Perl RefRef DoS tool (malware-tools.rules)
 * 1:19893 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (browser-plugins.rules)
 * 1:19899 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (malware-other.rules)
 * 1:19900 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19901 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19909 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect ActiveX clsid access (browser-plugins.rules)
 * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules)
 * 1:19926 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (file-other.rules)
 * 1:19933 <-> DISABLED <-> SERVER-WEBAPP DirBuster brute forcing tool detected (server-webapp.rules)
 * 1:1997 <-> DISABLED <-> SERVER-WEBAPP read_body.php access attempt (server-webapp.rules)
 * 1:19972 <-> DISABLED <-> OS-WINDOWS SMB client TRANS response paramcount overflow attempt (os-windows.rules)
 * 1:1998 <-> DISABLED <-> SERVER-WEBAPP calendar.php access (server-webapp.rules)
 * 1:1999 <-> DISABLED <-> SERVER-WEBAPP edit_image.php access (server-webapp.rules)
 * 1:2000 <-> DISABLED <-> SERVER-WEBAPP readmsg.php access (server-webapp.rules)
 * 1:20013 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager webappmon.exe host header buffer overflow attempt (server-webapp.rules)
 * 1:2002 <-> DISABLED <-> SERVER-WEBAPP remote include path (server-webapp.rules)
 * 1:20044 <-> DISABLED <-> BROWSER-PLUGINS F-Secure Anti-Virus fsresh.dll clsid access (browser-plugins.rules)
 * 1:20054 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager Denial of Service (server-other.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:2008 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid user authentication response (indicator-compromise.rules)
 * 1:2009 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid repository response (indicator-compromise.rules)
 * 1:2010 <-> DISABLED <-> INDICATOR-COMPROMISE CVS double free exploit attempt response (indicator-compromise.rules)
 * 1:2011 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid directory response (indicator-compromise.rules)
 * 1:2012 <-> DISABLED <-> INDICATOR-COMPROMISE CVS missing cvsroot response (indicator-compromise.rules)
 * 1:2013 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid module response (indicator-compromise.rules)
 * 1:20134 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector buffer overflow attempt (server-webapp.rules)
 * 1:20159 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (server-webapp.rules)
 * 1:20160 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (server-webapp.rules)
 * 1:20168 <-> DISABLED <-> BROWSER-PLUGINS ChemView SaveAsMolFile vulnerability ActiveX clsid access (browser-plugins.rules)
 * 1:20175 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (browser-plugins.rules)
 * 1:20177 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20179 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI userid parameter buffer overflow attempt (server-webapp.rules)
 * 1:20180 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI passwd parameter buffer overflow attempt (server-webapp.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor outbound connection (malware-cnc.rules)
 * 1:20212 <-> DISABLED <-> OS-WINDOWS SSL CBC encryption mode weakness brute force attempt (os-windows.rules)
 * 1:20239 <-> DISABLED <-> FILE-OTHER Oracle Java GIF LZW minimum code size overflow attempt (file-other.rules)
 * 1:20240 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM nnmRptConfig.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20241 <-> ENABLED <-> SERVER-WEBAPP HP OpenView NNM snmp.exe CGI Host parameter buffer overflow attempt (server-webapp.rules)
 * 1:20253 <-> DISABLED <-> OS-WINDOWS Microsoft products oleacc.dll dll-load exploit attempt (os-windows.rules)
 * 1:20255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules)
 * 1:20256 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG http response splitting attempt (os-windows.rules)
 * 1:20257 <-> DISABLED <-> OS-WINDOWS Microsoft ForeFront UAG ExcelTable.asp XSS attempt (os-windows.rules)
 * 1:20258 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG javascript handler in URI XSS attempt (os-windows.rules)
 * 1:20271 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Host Integration Server SNA length dos attempt (os-windows.rules)
 * 1:20272 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Forefront UAG NLSessionS cookie overflow attempt (os-windows.rules)
 * 1:20285 <-> DISABLED <-> BROWSER-PLUGINS Black Ice Barcode SDK ActiveX clsid access (browser-plugins.rules)
 * 1:20286 <-> DISABLED <-> BROWSER-PLUGINS Black Ice Barcode SDK ActiveX function call access (browser-plugins.rules)
 * 1:20430 <-> ENABLED <-> FILE-OTHER Oracle Java Web Start BasicServiceImpl security policy bypass attempt (file-other.rules)
 * 1:20436 <-> DISABLED <-> MALWARE-TOOLS multiple SSLv3 Encrypted Handshake messages - THC-SSL tool, potential DoS (malware-tools.rules)
 * 1:20437 <-> DISABLED <-> MALWARE-TOOLS multiple TLSv1 Encrypted Handshake messages - THC-SSL tool, potential DoS (malware-tools.rules)
 * 1:20438 <-> DISABLED <-> MALWARE-TOOLS multiple TLSv1.1 Encrypted Handshake messages - THC-SSL tool, potential DoS (malware-tools.rules)
 * 1:20439 <-> DISABLED <-> MALWARE-TOOLS multiple TLSv1.2 Encrypted Handshake messages - THC-SSL tool, potential DoS (malware-tools.rules)
 * 1:20444 <-> ENABLED <-> FILE-OTHER Oracle Java browser plugin docbase overflow attempt (file-other.rules)
 * 1:20446 <-> DISABLED <-> SERVER-WEBAPP DiskPulseServer GetServerInfo request buffer overflow (server-webapp.rules)
 * 1:2047 <-> DISABLED <-> SERVER-OTHER rsyncd module list access (server-other.rules)
 * 1:2050 <-> DISABLED <-> SERVER-MSSQL version overflow attempt (server-mssql.rules)
 * 1:20530 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules)
 * 1:20531 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules)
 * 1:20532 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (server-webapp.rules)
 * 1:20533 <-> DISABLED <-> SERVER-WEBAPP php tiny shell upload attempt (server-webapp.rules)
 * 1:20536 <-> DISABLED <-> BROWSER-PLUGINS Moxa MediaDBPlayback.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20537 <-> DISABLED <-> BROWSER-PLUGINS Phobos.Playlist ActiveX clsid access (browser-plugins.rules)
 * 1:20538 <-> DISABLED <-> BROWSER-PLUGINS Phobos.Playlist ActiveX function call access (browser-plugins.rules)
 * 1:20552 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:20554 <-> DISABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules)
 * 1:2057 <-> DISABLED <-> SERVER-WEBAPP helpout.exe access (server-webapp.rules)
 * 1:20573 <-> DISABLED <-> BROWSER-PLUGINS Oracle AutoVueX Control ExportEdaBom ActiveX clsid access (browser-plugins.rules)
 * 1:20574 <-> DISABLED <-> BROWSER-PLUGINS Oracle AutoVueX Control ExportEdaBom ActiveX function call access (browser-plugins.rules)
 * 1:2058 <-> DISABLED <-> SERVER-WEBAPP MsmMask.exe attempt (server-webapp.rules)
 * 1:2059 <-> DISABLED <-> SERVER-WEBAPP MsmMask.exe access (server-webapp.rules)
 * 1:20591 <-> DISABLED <-> BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX clsid access (browser-plugins.rules)
 * 1:20592 <-> DISABLED <-> BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX function call access (browser-plugins.rules)
 * 1:2060 <-> DISABLED <-> SERVER-WEBAPP DB4Web access (server-webapp.rules)
 * 1:20615 <-> DISABLED <-> SERVER-WEBAPP Wordcircle SQL injection attempt (server-webapp.rules)
 * 1:20617 <-> DISABLED <-> SERVER-WEBAPP Sage SalesLogix admin authentication bypass attempt (server-webapp.rules)
 * 1:2062 <-> DISABLED <-> SERVER-WEBAPP iPlanet .perf access (server-webapp.rules)
 * 1:20623 <-> DISABLED <-> SERVER-WEBAPP Venom Board SQL injection attempt  (server-webapp.rules)
 * 1:20624 <-> DISABLED <-> SERVER-WEBAPP Venom Board SQL injection attempt (server-webapp.rules)
 * 1:20625 <-> DISABLED <-> SERVER-WEBAPP Venom Board SQL injection attempt (server-webapp.rules)
 * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules)
 * 1:20629 <-> DISABLED <-> SERVER-WEBAPP geoBlog SQL injection in viewcat.php cat parameter attempt (server-webapp.rules)
 * 1:2063 <-> DISABLED <-> SERVER-WEBAPP Demarc SQL injection attempt (server-webapp.rules)
 * 1:20631 <-> DISABLED <-> SERVER-WEBAPP Akarru remote file include in main_content.php bm_content (server-webapp.rules)
 * 1:20632 <-> DISABLED <-> SERVER-WEBAPP AnnoncesV remote file include in annonce.php page (server-webapp.rules)
 * 1:20633 <-> DISABLED <-> SERVER-WEBAPP Boite de News remote file include in inc.php url_index (server-webapp.rules)
 * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules)
 * 1:20640 <-> DISABLED <-> SERVER-WEBAPP VEGO Web Forum SQL injection in login.php username attempt (server-webapp.rules)
 * 1:20641 <-> DISABLED <-> SERVER-WEBAPP TheWebForum SQL injection in login.php username attempt (server-webapp.rules)
 * 1:20642 <-> DISABLED <-> SERVER-WEBAPP TankLogger SQL injection in showInfo.php livestock_id attempt (server-webapp.rules)
 * 1:20643 <-> DISABLED <-> SERVER-WEBAPP ScozBook SQL injection in auth.php adminname attempt (server-webapp.rules)
 * 1:20644 <-> DISABLED <-> SERVER-WEBAPP Lizard Cart CMS SQL injection in detail.php id attempt (server-webapp.rules)
 * 1:20645 <-> DISABLED <-> SERVER-WEBAPP Lizard Cart CMS SQL injection in pages.php id attempt (server-webapp.rules)
 * 1:20646 <-> DISABLED <-> SERVER-WEBAPP Benders Calendar SQL injection in index.php this_day attempt (server-webapp.rules)
 * 1:20647 <-> DISABLED <-> SERVER-WEBAPP inTouch SQL injection in index.php user attempt (server-webapp.rules)
 * 1:20648 <-> DISABLED <-> SERVER-WEBAPP Bit 5 Blog SQL injection in processlogin.php username via (server-webapp.rules)
 * 1:20649 <-> DISABLED <-> SERVER-WEBAPP ADNForum SQL injection in index.php fid attempt (server-webapp.rules)
 * 1:2065 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .csp script source download attempt (server-webapp.rules)
 * 1:20650 <-> DISABLED <-> SERVER-WEBAPP MyNewsGroups remote file include in layersmenu.inc.php myng_root (server-webapp.rules)
 * 1:20651 <-> DISABLED <-> SERVER-WEBAPP Modernbill remote file include in config.php DIR (server-webapp.rules)
 * 1:20652 <-> DISABLED <-> SERVER-WEBAPP ME Download System remote file include in header.php Vb8878b936c2bd8ae0cab (server-webapp.rules)
 * 1:20654 <-> DISABLED <-> SERVER-WEBAPP GrapAgenda remote file include in index.php page (server-webapp.rules)
 * 1:20655 <-> DISABLED <-> PUA-OTHER Yahoo Messenger iframe injection status change attempt (pua-other.rules)
 * 1:20656 <-> DISABLED <-> SERVER-WEBAPP GestArtremote file include in aide.php3 aide (server-webapp.rules)
 * 1:20657 <-> DISABLED <-> SERVER-WEBAPP Free File Hosting remote file include in forgot_pass.php ad_body_temp (server-webapp.rules)
 * 1:2066 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .pl script source download attempt (server-webapp.rules)
 * 1:20663 <-> DISABLED <-> SERVER-WEBAPP Comet WebFileManager remote file include in CheckUpload.php Language (server-webapp.rules)
 * 1:20667 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (browser-firefox.rules)
 * 1:2067 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .exe script source download attempt (server-webapp.rules)
 * 1:20674 <-> DISABLED <-> SERVER-WEBAPP Sourceforge Gallery search engine cross-site scripting attempt (server-webapp.rules)
 * 1:2068 <-> DISABLED <-> SERVER-WEBAPP BitKeeper arbitrary command attempt (server-webapp.rules)
 * 1:20680 <-> DISABLED <-> SERVER-WEBAPP Flashchat remote file include in aedating4CMS.php (server-webapp.rules)
 * 1:2069 <-> DISABLED <-> SERVER-WEBAPP chip.ini access (server-webapp.rules)
 * 1:2070 <-> DISABLED <-> SERVER-WEBAPP post32.exe arbitrary command attempt (server-webapp.rules)
 * 1:20704 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer #default#time behavior attack attempt (browser-plugins.rules)
 * 1:20705 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20706 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20707 <-> DISABLED <-> BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (browser-plugins.rules)
 * 1:20708 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:20709 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:2071 <-> DISABLED <-> SERVER-WEBAPP post32.exe access (server-webapp.rules)
 * 1:20710 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20711 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20712 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20713 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20714 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20715 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules)
 * 1:20716 <-> DISABLED <-> BROWSER-PLUGINS Yahoo!  CD Player ActiveX clsid access (browser-plugins.rules)
 * 1:2072 <-> DISABLED <-> SERVER-WEBAPP lyris.pl access (server-webapp.rules)
 * 1:20726 <-> DISABLED <-> SERVER-WEBAPP F-Secure web console username overflow attempt (server-webapp.rules)
 * 1:20728 <-> DISABLED <-> SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php (server-webapp.rules)
 * 1:2073 <-> DISABLED <-> SERVER-WEBAPP globals.pl access (server-webapp.rules)
 * 1:20731 <-> DISABLED <-> SERVER-WEBAPP TSEP remote file include in colorswitch.php tsep_config[absPath] (server-webapp.rules)
 * 1:20732 <-> DISABLED <-> SERVER-WEBAPP Sabdrimer remote file include in advanced1.php pluginpath[0] (server-webapp.rules)
 * 1:2074 <-> DISABLED <-> SERVER-WEBAPP Mambo uploadimage.php upload php file attempt (server-webapp.rules)
 * 1:20740 <-> DISABLED <-> SERVER-WEBAPP Dell OpenManage server application field buffer overflow attempt (server-webapp.rules)
 * 1:2075 <-> DISABLED <-> SERVER-WEBAPP Mambo upload.php upload php file attempt (server-webapp.rules)
 * 1:2076 <-> DISABLED <-> SERVER-WEBAPP Mambo uploadimage.php access (server-webapp.rules)
 * 1:20761 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules)
 * 1:20764 <-> DISABLED <-> SERVER-WEBAPP SyBase MBusiness xml closing tag overflow attempt (server-webapp.rules)
 * 1:2077 <-> DISABLED <-> SERVER-WEBAPP Mambo upload.php access (server-webapp.rules)
 * 1:2078 <-> DISABLED <-> SERVER-WEBAPP phpBB privmsg.php access (server-webapp.rules)
 * 1:20815 <-> DISABLED <-> SERVER-WEBAPP Vmist Downstat remote file include in chart.php art (server-webapp.rules)
 * 1:20816 <-> DISABLED <-> SERVER-WEBAPP Vmist Downstat remote file include in admin.php art (server-webapp.rules)
 * 1:20817 <-> DISABLED <-> SERVER-WEBAPP Vmist Downstat remote file include in modes.php art (server-webapp.rules)
 * 1:20818 <-> DISABLED <-> SERVER-WEBAPP Vmist Downstat remote file include in stats.php art (server-webapp.rules)
 * 1:20819 <-> DISABLED <-> SERVER-WEBAPP ACal Calendar Project cookie based authentication bypass attempt (server-webapp.rules)
 * 1:20820 <-> DISABLED <-> FILE-OTHER Java JNLP parameter argument injection attempt (file-other.rules)
 * 1:20826 <-> DISABLED <-> SERVER-WEBAPP OABoard forum script remote file injection attempt (server-webapp.rules)
 * 1:20827 <-> ENABLED <-> SERVER-WEBAPP phpThumb fltr[] parameter remote command execution attempt (server-webapp.rules)
 * 1:20832 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager administrator interface SQL injection attempt (server-webapp.rules)
 * 1:20834 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll LaunchProcess Code Execution ActiveX clsid access (browser-plugins.rules)
 * 1:20835 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll LaunchProcess Code Execution ActiveX function call access (browser-plugins.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20846 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:20847 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX function call access (browser-plugins.rules)
 * 1:20862 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire logviewer.jsp XSS attempt (server-webapp.rules)
 * 1:20863 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire log.jsp XSS attempt (server-webapp.rules)
 * 1:20864 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire group-summary.jsp XSS attempt (server-webapp.rules)
 * 1:20865 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire user-properties.jsp XSS attempt (server-webapp.rules)
 * 1:20866 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire audit-policy.jsp XSS attempt (server-webapp.rules)
 * 1:20867 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire server-properties.jsp XSS attempt (server-webapp.rules)
 * 1:20868 <-> DISABLED <-> SERVER-WEBAPP Jive Software Openfire muc-room-edit-form.jsp XSS attempt (server-webapp.rules)
 * 1:2087 <-> DISABLED <-> SERVER-MAIL From comment overflow attempt (server-mail.rules)
 * 1:20871 <-> DISABLED <-> SERVER-WEBAPP Worldweaver DX Studio Player shell.execute command execution attempt (server-webapp.rules)
 * 1:20872 <-> DISABLED <-> SERVER-WEBAPP Worldweaver DX Studio Player shell.execute command execution attempt (server-webapp.rules)
 * 1:20875 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:20901 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (browser-plugins.rules)
 * 1:20949 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (browser-plugins.rules)
 * 1:20993 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow (server-other.rules)
 * 1:20994 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow (server-other.rules)
 * 1:2101 <-> DISABLED <-> OS-WINDOWS SMB Trans Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:21022 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:21023 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules)
 * 1:21024 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access (browser-plugins.rules)
 * 1:21025 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call (browser-plugins.rules)
 * 1:21026 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access (browser-plugins.rules)
 * 1:21027 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call (browser-plugins.rules)
 * 1:21029 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21030 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21031 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21032 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21033 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules)
 * 1:21034 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (server-webapp.rules)
 * 1:21060 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Administrator console site injection attempt (server-webapp.rules)
 * 1:21063 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21064 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (browser-plugins.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (server-webapp.rules)
 * 1:21076 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21077 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules)
 * 1:21081 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer RDS.Dataspace ActiveX object code execution attempt (browser-plugins.rules)
 * 1:21094 <-> DISABLED <-> BROWSER-PLUGINS McAfee Remediation Agent ActiveX function call access (browser-plugins.rules)
 * 1:21104 <-> ENABLED <-> MALWARE-TOOLS slowhttptest DoS tool (malware-tools.rules)
 * 1:21232 <-> DISABLED <-> SERVER-OTHER Remote Desktop Protocol brute force attempt (server-other.rules)
 * 1:21233 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:21234 <-> ENABLED <-> SERVER-WEBAPP MKCOL Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:21235 <-> ENABLED <-> SERVER-WEBAPP LOCK Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:21236 <-> ENABLED <-> SERVER-WEBAPP UNLOCK Webdav Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:2126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows PPTP Start Control Request buffer overflow attempt (os-windows.rules)
 * 1:21262 <-> DISABLED <-> OS-WINDOWS DCERPC ISystemActivate flood attempt (os-windows.rules)
 * 1:21264 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX function call (browser-plugins.rules)
 * 1:21270 <-> DISABLED <-> SERVER-WEBAPP Devellion CubeCart multiple parameter XSS vulnerability (server-webapp.rules)
 * 1:21271 <-> DISABLED <-> SERVER-WEBAPP Devellion CubeCart searchStr parameter SQL injection (server-webapp.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21299 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (browser-plugins.rules)
 * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21314 <-> DISABLED <-> SERVER-WEBAPP HP Insight Diagnostics XSS attempt (server-webapp.rules)
 * 1:21333 <-> DISABLED <-> SERVER-WEBAPP Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt (server-webapp.rules)
 * 1:21334 <-> DISABLED <-> SERVER-WEBAPP Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt (server-webapp.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:2135 <-> DISABLED <-> SERVER-WEBAPP philboard.mdb access (server-webapp.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21358 <-> DISABLED <-> SERVER-WEBAPP iPlanet Webserver command injection attempt (server-webapp.rules)
 * 1:2136 <-> DISABLED <-> SERVER-WEBAPP philboard_admin.asp authentication bypass attempt (server-webapp.rules)
 * 1:2137 <-> DISABLED <-> SERVER-WEBAPP philboard_admin.asp access (server-webapp.rules)
 * 1:21375 <-> DISABLED <-> SERVER-WEBAPP Remote Execution Backdoor Attempt Against Horde (server-webapp.rules)
 * 1:21377 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Communications Manager sql injection attempt (server-webapp.rules)
 * 1:2138 <-> DISABLED <-> SERVER-WEBAPP logicworks.ini access (server-webapp.rules)
 * 1:21385 <-> ENABLED <-> SERVER-WEBAPP Cisco Common Services Help servlet XSS attempt (server-webapp.rules)
 * 1:21389 <-> ENABLED <-> SERVER-WEBAPP Cisco Common Services Device Center XSS attempt (server-webapp.rules)
 * 1:2139 <-> DISABLED <-> SERVER-WEBAPP /*.shtml access (server-webapp.rules)
 * 1:2140 <-> DISABLED <-> SERVER-WEBAPP p-news.php access (server-webapp.rules)
 * 1:21406 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security Center ActiveX clsid access (browser-plugins.rules)
 * 1:2141 <-> DISABLED <-> SERVER-WEBAPP shoutbox.php directory traversal attempt (server-webapp.rules)
 * 1:2142 <-> DISABLED <-> SERVER-WEBAPP shoutbox.php access (server-webapp.rules)
 * 1:2143 <-> DISABLED <-> SERVER-WEBAPP b2 cafelog gm-2-b2.php remote file include attempt (server-webapp.rules)
 * 1:2144 <-> DISABLED <-> SERVER-WEBAPP b2 cafelog gm-2-b2.php access (server-webapp.rules)
 * 1:21446 <-> DISABLED <-> BROWSER-PLUGINS FileSystemObject clsid access (browser-plugins.rules)
 * 1:21447 <-> ENABLED <-> BROWSER-PLUGINS FileSystemObject function call (browser-plugins.rules)
 * 1:2145 <-> DISABLED <-> SERVER-WEBAPP TextPortal admin.php default password admin attempt (server-webapp.rules)
 * 1:21458 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:2146 <-> DISABLED <-> SERVER-WEBAPP TextPortal admin.php default password 12345 attempt (server-webapp.rules)
 * 1:21465 <-> DISABLED <-> SERVER-WEBAPP HTTP response splitting attempt (server-webapp.rules)
 * 1:2147 <-> DISABLED <-> SERVER-WEBAPP BLNews objects.inc.php4 remote file include attempt (server-webapp.rules)
 * 1:2148 <-> DISABLED <-> SERVER-WEBAPP BLNews objects.inc.php4 access (server-webapp.rules)
 * 1:2149 <-> DISABLED <-> SERVER-WEBAPP Turba status.php access (server-webapp.rules)
 * 1:21493 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows DRM technology msnetobj.dll ActiveX clsid access (browser-plugins.rules)
 * 1:2150 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php remote file include attempt (server-webapp.rules)
 * 1:21501 <-> DISABLED <-> FILE-OTHER Oracle JavaScript file upload keystroke hijack attempt (file-other.rules)
 * 1:2151 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php access (server-webapp.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC tool (malware-tools.rules)
 * 1:21516 <-> DISABLED <-> SERVER-WEBAPP JBoss JMX console access attempt (server-webapp.rules)
 * 1:21517 <-> DISABLED <-> SERVER-WEBAPP JBoss admin-console access (server-webapp.rules)
 * 1:2152 <-> DISABLED <-> SERVER-WEBAPP test.php access (server-webapp.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:2153 <-> DISABLED <-> SERVER-WEBAPP autohtml.php directory traversal attempt (server-webapp.rules)
 * 1:2154 <-> DISABLED <-> SERVER-WEBAPP autohtml.php access (server-webapp.rules)
 * 1:2155 <-> DISABLED <-> SERVER-WEBAPP ttforum remote file include attempt (server-webapp.rules)
 * 1:21558 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21559 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:2156 <-> DISABLED <-> SERVER-WEBAPP mod_gzip_status access (server-webapp.rules)
 * 1:21560 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21561 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX function call access (browser-plugins.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21570 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RemoteDesktop new session flood attempt (os-windows.rules)
 * 1:2158 <-> DISABLED <-> SERVER-OTHER BGP invalid length (server-other.rules)
 * 1:21589 <-> DISABLED <-> BROWSER-PLUGINS IBM eGatherer ActiveX clsid access (browser-plugins.rules)
 * 1:2159 <-> DISABLED <-> SERVER-OTHER BGP invalid type 0 (server-other.rules)
 * 1:21590 <-> DISABLED <-> BROWSER-PLUGINS IBM eGatherer ActiveX function call access (browser-plugins.rules)
 * 1:21594 <-> DISABLED <-> SERVER-WEBAPP Gravity GTD objectname parameter injection attempt (server-webapp.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (server-webapp.rules)
 * 1:21670 <-> DISABLED <-> SERVER-WEBAPP phpinfo GET POST and COOKIE Parameters cross site scripting attempt (server-webapp.rules)
 * 1:21671 <-> DISABLED <-> SERVER-WEBAPP PECL zip URL wrapper buffer overflow attempt (server-webapp.rules)
 * 1:2176 <-> ENABLED <-> OS-WINDOWS SMB startup folder access (os-windows.rules)
 * 1:21762 <-> DISABLED <-> SERVER-WEBAPP Youngzsoft CMailServer CMailCOM Buffer Overflow attempt (server-webapp.rules)
 * 1:2177 <-> DISABLED <-> OS-WINDOWS SMB startup folder unicode access (os-windows.rules)
 * 1:21788 <-> DISABLED <-> SQL or kic = kic - known SQL injection routine (sql.rules)
 * 1:21789 <-> DISABLED <-> SQL or kic = kic - known SQL injection routine (sql.rules)
 * 1:21818 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %ALLUSERSPROFILE% (server-webapp.rules)
 * 1:21819 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMDATA% (server-webapp.rules)
 * 1:21820 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %APPDATA% (server-webapp.rules)
 * 1:21821 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %COMMONPROGRAMFILES% (server-webapp.rules)
 * 1:21822 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %COMMONPROGRAMFILES - x86% (server-webapp.rules)
 * 1:21823 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %COMSPEC% (server-webapp.rules)
 * 1:21824 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %HOMEDRIVE% (server-webapp.rules)
 * 1:21825 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %HOMEPATH% (server-webapp.rules)
 * 1:21826 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %LOCALAPPDATA% (server-webapp.rules)
 * 1:21827 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMFILES% (server-webapp.rules)
 * 1:21828 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMFILES - X86% (server-webapp.rules)
 * 1:21829 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %SystemDrive% (server-webapp.rules)
 * 1:2183 <-> DISABLED <-> SERVER-MAIL Content-Transfer-Encoding overflow attempt (server-mail.rules)
 * 1:21830 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %SystemRoot% (server-webapp.rules)
 * 1:21831 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %TEMP% (server-webapp.rules)
 * 1:21832 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %TMP% (server-webapp.rules)
 * 1:21833 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %USERDATA% (server-webapp.rules)
 * 1:21834 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %USERNAME% (server-webapp.rules)
 * 1:21835 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %USERPROFILE% (server-webapp.rules)
 * 1:21836 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %WINDIR% (server-webapp.rules)
 * 1:21837 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %PUBLIC% (server-webapp.rules)
 * 1:21838 <-> DISABLED <-> SERVER-WEBAPP System variable directory traversal attempt - %PSModulePath% (server-webapp.rules)
 * 1:21839 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %COMPUTERNAME% (server-webapp.rules)
 * 1:21840 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %LOGONSERVER% (server-webapp.rules)
 * 1:21841 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %PATH% (server-webapp.rules)
 * 1:21842 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %PATHEXT% (server-webapp.rules)
 * 1:21843 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %PROMPT% (server-webapp.rules)
 * 1:21844 <-> DISABLED <-> SERVER-WEBAPP System variable in URI attempt - %USERDOMAIN% (server-webapp.rules)
 * 1:2185 <-> DISABLED <-> RPC mountd UDP mount path overflow attempt (rpc.rules)
 * 1:21882 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21883 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:21926 <-> ENABLED <-> SERVER-WEBAPP JCE Joomla module vulnerable directory traversal or malicious file upload attempt (server-webapp.rules)
 * 1:21950 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21951 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX function call attempt (browser-plugins.rules)
 * 1:22003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSIDaccess (browser-plugins.rules)
 * 1:22049 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security ActiveX clsid access (browser-plugins.rules)
 * 1:22050 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security ActiveX function call (browser-plugins.rules)
 * 1:22061 <-> ENABLED <-> MALWARE-OTHER Alureon - Malicious IFRAME load attempt (malware-other.rules)
 * 1:22063 <-> ENABLED <-> SERVER-WEBAPP PHP-CGI remote file include attempt (server-webapp.rules)
 * 1:22064 <-> ENABLED <-> SERVER-WEBAPP PHP-CGI command injection attempt (server-webapp.rules)
 * 1:22079 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules)
 * 1:22088 <-> ENABLED <-> EXPLOIT-KIT Blackhole Exploit Kit javascript service method (exploit-kit.rules)
 * 1:22090 <-> ENABLED <-> OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (os-windows.rules)
 * 1:22097 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI command injection attempt (server-webapp.rules)
 * 1:2226 <-> DISABLED <-> SERVER-WEBAPP pmachine remote file include attempt (server-webapp.rules)
 * 1:2227 <-> DISABLED <-> SERVER-WEBAPP forum_details.php access (server-webapp.rules)
 * 1:2228 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin db_details_importdocsql.php access (server-webapp.rules)
 * 1:2229 <-> DISABLED <-> SERVER-WEBAPP viewtopic.php access (server-webapp.rules)
 * 1:223 <-> DISABLED <-> MALWARE-OTHER Trin00 Daemon to Master PONG message detected (malware-other.rules)
 * 1:2230 <-> DISABLED <-> SERVER-WEBAPP NetGear router default password login attempt admin/password (server-webapp.rules)
 * 1:2231 <-> DISABLED <-> SERVER-WEBAPP register.dll access (server-webapp.rules)
 * 1:2232 <-> DISABLED <-> SERVER-WEBAPP ContentFilter.dll access (server-webapp.rules)
 * 1:2233 <-> DISABLED <-> SERVER-WEBAPP SFNofitication.dll access (server-webapp.rules)
 * 1:2234 <-> DISABLED <-> SERVER-WEBAPP TOP10.dll access (server-webapp.rules)
 * 1:2235 <-> DISABLED <-> SERVER-WEBAPP SpamExcp.dll access (server-webapp.rules)
 * 1:2236 <-> DISABLED <-> SERVER-WEBAPP spamrule.dll access (server-webapp.rules)
 * 1:2237 <-> DISABLED <-> SERVER-WEBAPP cgiWebupdate.exe access (server-webapp.rules)
 * 1:2238 <-> DISABLED <-> SERVER-WEBAPP WebLogic ConsoleHelp view source attempt (server-webapp.rules)
 * 1:2239 <-> DISABLED <-> SERVER-WEBAPP redirect.exe access (server-webapp.rules)
 * 1:2240 <-> DISABLED <-> SERVER-WEBAPP changepw.exe access (server-webapp.rules)
 * 1:2241 <-> DISABLED <-> SERVER-WEBAPP cwmail.exe access (server-webapp.rules)
 * 1:2242 <-> DISABLED <-> SERVER-WEBAPP ddicgi.exe access (server-webapp.rules)
 * 1:2243 <-> DISABLED <-> SERVER-WEBAPP ndcgi.exe access (server-webapp.rules)
 * 1:2244 <-> DISABLED <-> SERVER-WEBAPP VsSetCookie.exe access (server-webapp.rules)
 * 1:2245 <-> DISABLED <-> SERVER-WEBAPP Webnews.exe access (server-webapp.rules)
 * 1:2246 <-> DISABLED <-> SERVER-WEBAPP webadmin.dll access (server-webapp.rules)
 * 1:2252 <-> ENABLED <-> OS-WINDOWS SMB-DS DCERPC Remote Activation bind attempt (os-windows.rules)
 * 1:2253 <-> DISABLED <-> SERVER-MAIL XEXCH50 overflow attempt (server-mail.rules)
 * 1:2257 <-> ENABLED <-> OS-WINDOWS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2258 <-> ENABLED <-> OS-WINDOWS SMB-DS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2259 <-> DISABLED <-> SERVER-MAIL EXPN overflow attempt (server-mail.rules)
 * 1:2260 <-> DISABLED <-> SERVER-MAIL VRFY overflow attempt (server-mail.rules)
 * 1:2275 <-> DISABLED <-> SERVER-MAIL AUTH LOGON brute force attempt (server-mail.rules)
 * 1:2276 <-> DISABLED <-> SERVER-WEBAPP oracle portal demo access (server-webapp.rules)
 * 1:2277 <-> DISABLED <-> SERVER-WEBAPP PeopleSoft PeopleBooks psdoccgi access (server-webapp.rules)
 * 1:2278 <-> DISABLED <-> SERVER-WEBAPP client negative Content-Length attempt (server-webapp.rules)
 * 1:2279 <-> DISABLED <-> SERVER-WEBAPP UpdateClasses.php access (server-webapp.rules)
 * 1:2280 <-> DISABLED <-> SERVER-WEBAPP Title.php access (server-webapp.rules)
 * 1:2281 <-> DISABLED <-> SERVER-WEBAPP Setup.php access (server-webapp.rules)
 * 1:2282 <-> DISABLED <-> SERVER-WEBAPP GlobalFunctions.php access (server-webapp.rules)
 * 1:2283 <-> DISABLED <-> SERVER-WEBAPP DatabaseFunctions.php access (server-webapp.rules)
 * 1:2284 <-> DISABLED <-> SERVER-WEBAPP rolis guestbook remote file include attempt (server-webapp.rules)
 * 1:2285 <-> DISABLED <-> SERVER-WEBAPP rolis guestbook access (server-webapp.rules)
 * 1:2286 <-> DISABLED <-> SERVER-WEBAPP friends.php access (server-webapp.rules)
 * 1:2287 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_comment.php access (server-webapp.rules)
 * 1:2288 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_edit.php access (server-webapp.rules)
 * 1:2289 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_embed.php access (server-webapp.rules)
 * 1:2290 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_help.php access (server-webapp.rules)
 * 1:2291 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_license.php access (server-webapp.rules)
 * 1:2292 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_logout.php access (server-webapp.rules)
 * 1:2293 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_password.php access (server-webapp.rules)
 * 1:2294 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_preview.php access (server-webapp.rules)
 * 1:2295 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_settings.php access (server-webapp.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:22953 <-> DISABLED <-> MALWARE-TOOLS Hulk denial of service attempt (malware-tools.rules)
 * 1:2296 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_stats.php access (server-webapp.rules)
 * 1:2297 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates_misc.php access (server-webapp.rules)
 * 1:2298 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates.php access (server-webapp.rules)
 * 1:2299 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_misc_new.php access (server-webapp.rules)
 * 1:230 <-> DISABLED <-> MALWARE-OTHER shaft client login to handler (malware-other.rules)
 * 1:2300 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_new.php access (server-webapp.rules)
 * 1:2301 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll booth.php access (server-webapp.rules)
 * 1:2302 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll poll_ssi.php access (server-webapp.rules)
 * 1:2303 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll popup.php access (server-webapp.rules)
 * 1:2304 <-> DISABLED <-> SERVER-WEBAPP files.inc.php access (server-webapp.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23048 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules)
 * 1:23049 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:2305 <-> DISABLED <-> SERVER-WEBAPP chatbox.php access (server-webapp.rules)
 * 1:23050 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:2306 <-> DISABLED <-> SERVER-WEBAPP gallery remote file include attempt (server-webapp.rules)
 * 1:2307 <-> DISABLED <-> SERVER-WEBAPP PayPal Storefront remote file include attempt (server-webapp.rules)
 * 1:231 <-> DISABLED <-> MALWARE-OTHER Trin00 Daemon to Master message detected (malware-other.rules)
 * 1:23128 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (browser-ie.rules)
 * 1:23142 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23162 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:2317 <-> DISABLED <-> INDICATOR-COMPROMISE CVS non-relative path error response (indicator-compromise.rules)
 * 1:23174 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:23175 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic detected (malware-cnc.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (server-webapp.rules)
 * 1:2318 <-> DISABLED <-> SERVER-OTHER CVS non-relative path access attempt (server-other.rules)
 * 1:23186 <-> DISABLED <-> BROWSER-PLUGINS Dell CrazyTalk.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:232 <-> DISABLED <-> MALWARE-OTHER Trin00 Daemon to Master *HELLO* message detected (malware-other.rules)
 * 1:23216 <-> DISABLED <-> SERVER-WEBAPP Ruby on Rails SQL injection attempt (server-webapp.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23229 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX function call access (browser-plugins.rules)
 * 1:23230 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NT DHCP REQUEST client identifier overflow attempt (os-windows.rules)
 * 1:23231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NT DHCP REQUEST hostname overflow attempt (os-windows.rules)
 * 1:23232 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NT DHCP DISCOVER client identifier overflow attempt (os-windows.rules)
 * 1:23233 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NT DHCP DISCOVER hostname overflow attempt (os-windows.rules)
 * 1:23237 <-> DISABLED <-> OS-WINDOWS SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:23251 <-> DISABLED <-> MALWARE-CNC Trojan.Spyeye variant outbound connection (malware-cnc.rules)
 * 1:23253 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care XMLSimpleAccessor ActiveX function call access attempt (browser-plugins.rules)
 * 1:23258 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup Directory Transversal attempt (server-webapp.rules)
 * 1:23259 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup Directory Transversal attempt (server-webapp.rules)
 * 1:23260 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver cross site scripting attempt (server-webapp.rules)
 * 1:23265 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:2327 <-> DISABLED <-> SERVER-WEBAPP bsml.pl access (server-webapp.rules)
 * 1:2328 <-> DISABLED <-> SERVER-WEBAPP authentication_index.php access (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid attempt (browser-plugins.rules)
 * 1:23284 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX function call attempt (browser-plugins.rules)
 * 1:23286 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:2329 <-> DISABLED <-> SERVER-MSSQL probe response overflow attempt (server-mssql.rules)
 * 1:23290 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:233 <-> DISABLED <-> MALWARE-OTHER Trin00 Attacker to Master default startup password (malware-other.rules)
 * 1:23300 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:2331 <-> DISABLED <-> SERVER-WEBAPP MatrikzGB privilege escalation attempt (server-webapp.rules)
 * 1:23314 <-> DISABLED <-> OS-WINDOWS SMB invalid character argument injection attempt (os-windows.rules)
 * 1:23352 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23353 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules)
 * 1:23363 <-> DISABLED <-> EXPLOIT Novell Netware XNFS.NLM xdrdecodeString heap buffer overflow attempt (exploit.rules)
 * 1:23364 <-> DISABLED <-> EXPLOIT Novell Netware XNFS.NLM v2 xdrdecodeString heap buffer overflow attempt (exploit.rules)
 * 1:23365 <-> DISABLED <-> EXPLOIT Novell Netware XNFS.NLM NFS v3 xdrdecodeString heap buffer overflow attempt (exploit.rules)
 * 1:23366 <-> DISABLED <-> EXPLOIT Novell Netware XNFS.NLM NFS v2 xdrdecodeString heap buffer overflow attempt (exploit.rules)
 * 1:23372 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23373 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23374 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23375 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23376 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23395 <-> DISABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23396 <-> DISABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX function call access attempt (browser-plugins.rules)
 * 1:234 <-> DISABLED <-> MALWARE-OTHER Trin00 Attacker to Master default password (malware-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (server-webapp.rules)
 * 1:23402 <-> DISABLED <-> SERVER-WEBAPP CVS remote file information disclosure attempt (server-webapp.rules)
 * 1:23403 <-> DISABLED <-> SERVER-WEBAPP Adobe JRun directory traversal attempt (server-webapp.rules)
 * 1:23405 <-> DISABLED <-> SERVER-WEBAPP PHP-Nuke index.php SQL injection attempt (server-webapp.rules)
 * 1:23406 <-> DISABLED <-> SERVER-WEBAPP PHP-Nuke index.php SQL injection attempt (server-webapp.rules)
 * 1:23407 <-> DISABLED <-> SERVER-WEBAPP Apple iChat url format string exploit attempt (server-webapp.rules)
 * 1:23409 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:2341 <-> DISABLED <-> SERVER-WEBAPP DCP-Portal remote file include editor script attempt (server-webapp.rules)
 * 1:23410 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23411 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23412 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23413 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23414 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23415 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23416 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23417 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23418 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23419 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:2342 <-> DISABLED <-> SERVER-WEBAPP DCP-Portal remote file include lib script attempt (server-webapp.rules)
 * 1:23420 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23421 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23422 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23423 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23424 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23425 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23426 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23427 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23428 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23429 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23430 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23431 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23432 <-> DISABLED <-> BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23433 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (server-webapp.rules)
 * 1:23434 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (server-webapp.rules)
 * 1:23438 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell initialization attempt (indicator-compromise.rules)
 * 1:23439 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23440 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23441 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command shell upload attempt (indicator-compromise.rules)
 * 1:23442 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell remote command injection attempt (indicator-compromise.rules)
 * 1:23443 <-> DISABLED <-> INDICATOR-COMPROMISE php-shell failed remote command injection attempt (indicator-compromise.rules)
 * 1:2345 <-> DISABLED <-> SERVER-WEBAPP PhpGedView search.php access (server-webapp.rules)
 * 1:2346 <-> DISABLED <-> SERVER-WEBAPP myPHPNuke chatheader.php access (server-webapp.rules)
 * 1:23466 <-> ENABLED <-> SERVER-WEBAPP IBM System Storage DS storage manager profiler XSS attempt (server-webapp.rules)
 * 1:2347 <-> DISABLED <-> SERVER-WEBAPP myPHPNuke partner.php access (server-webapp.rules)
 * 1:23470 <-> DISABLED <-> BROWSER-PLUGINS StoneTrip S3DPlayer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23485 <-> ENABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (server-webapp.rules)
 * 1:235 <-> DISABLED <-> MALWARE-OTHER Trin00 Attacker to Master default mdie password (malware-other.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:2353 <-> DISABLED <-> SERVER-WEBAPP IdeaBox cord.php file include (server-webapp.rules)
 * 1:2354 <-> DISABLED <-> SERVER-WEBAPP IdeaBox notification.php file include (server-webapp.rules)
 * 1:2355 <-> DISABLED <-> SERVER-WEBAPP Invision Board emailer.php file include (server-webapp.rules)
 * 1:2356 <-> DISABLED <-> SERVER-WEBAPP WebChat db_mysql.php file include (server-webapp.rules)
 * 1:2357 <-> DISABLED <-> SERVER-WEBAPP WebChat english.php file include (server-webapp.rules)
 * 1:2358 <-> DISABLED <-> SERVER-WEBAPP Typo3 translations.php file include (server-webapp.rules)
 * 1:2359 <-> DISABLED <-> SERVER-WEBAPP Invision Board ipchat.php file include (server-webapp.rules)
 * 1:2360 <-> DISABLED <-> SERVER-WEBAPP myphpPagetool pt_config.inc file include (server-webapp.rules)
 * 1:2361 <-> DISABLED <-> SERVER-WEBAPP news.php file include (server-webapp.rules)
 * 1:23613 <-> DISABLED <-> SERVER-WEBAPP Arbitrary file location upload attempt (server-webapp.rules)
 * 1:23614 <-> ENABLED <-> FILE-OTHER Oracle JavaScript heap exploitation library usage attempt (file-other.rules)
 * 1:2362 <-> DISABLED <-> SERVER-WEBAPP YaBB SE packages.php file include (server-webapp.rules)
 * 1:2363 <-> DISABLED <-> SERVER-WEBAPP Cyboards default_header.php access (server-webapp.rules)
 * 1:2364 <-> DISABLED <-> SERVER-WEBAPP Cyboards options_form.php access (server-webapp.rules)
 * 1:2365 <-> DISABLED <-> SERVER-WEBAPP newsPHP Language file include attempt (server-webapp.rules)
 * 1:2366 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV authentication_index.php base directory manipulation attempt (server-webapp.rules)
 * 1:2367 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV functions.php base directory manipulation attempt (server-webapp.rules)
 * 1:2368 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV config_gedcom.php base directory manipulation attempt (server-webapp.rules)
 * 1:2369 <-> DISABLED <-> SERVER-WEBAPP ISAPISkeleton.dll access (server-webapp.rules)
 * 1:237 <-> DISABLED <-> MALWARE-OTHER Trin00 Master to Daemon default password attempt (malware-other.rules)
 * 1:2370 <-> DISABLED <-> SERVER-WEBAPP BugPort config.conf file access (server-webapp.rules)
 * 1:2371 <-> DISABLED <-> SERVER-WEBAPP Sample_showcode.html access (server-webapp.rules)
 * 1:2372 <-> DISABLED <-> SERVER-WEBAPP Photopost PHP Pro showphoto.php access (server-webapp.rules)
 * 1:23783 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23784 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php id parameter sql injection attempt (server-webapp.rules)
 * 1:23791 <-> DISABLED <-> SERVER-WEBAPP PHP use-after-free in substr_replace attempt (server-webapp.rules)
 * 1:23792 <-> DISABLED <-> SERVER-WEBAPP PHP use-after-free in substr_replace attempt (server-webapp.rules)
 * 1:23793 <-> DISABLED <-> SERVER-WEBAPP use-after-free in substr_replace attempt (server-webapp.rules)
 * 1:23796 <-> DISABLED <-> SERVER-WEBAPP exif invalid tag data buffer overflow attempt (server-webapp.rules)
 * 1:2381 <-> DISABLED <-> SERVER-WEBAPP Checkpoint Firewall-1 HTTP parsing format string vulnerability attempt (server-webapp.rules)
 * 1:2382 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP asn1 overflow attempt (os-windows.rules)
 * 1:23827 <-> ENABLED <-> SERVER-WEBAPP Joomla Remote File Include upload attempt (server-webapp.rules)
 * 1:23828 <-> ENABLED <-> SERVER-WEBAPP Joomla Remote File Include upload attempt (server-webapp.rules)
 * 1:2383 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP asn1 overflow attempt (os-windows.rules)
 * 1:23837 <-> DISABLED <-> OS-WINDOWS SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23838 <-> DISABLED <-> OS-WINDOWS SMB NetServerEnum response host format string exploit attempt (os-windows.rules)
 * 1:23878 <-> ENABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23891 <-> ENABLED <-> FILE-PDF Adobe Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23892 <-> ENABLED <-> FILE-PDF Adobe Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23894 <-> DISABLED <-> SERVER-WEBAPP truncated crypt function attempt (server-webapp.rules)
 * 1:23895 <-> DISABLED <-> SERVER-WEBAPP PHP truncated crypt function attempt (server-webapp.rules)
 * 1:23896 <-> DISABLED <-> SERVER-WEBAPP PHP truncated crypt function attempt (server-webapp.rules)
 * 1:239 <-> DISABLED <-> MALWARE-OTHER shaft handler to agent (malware-other.rules)
 * 1:2393 <-> DISABLED <-> SERVER-WEBAPP /_admin access (server-webapp.rules)
 * 1:23937 <-> ENABLED <-> SERVER-WEBAPP Invalid global flag attachment attempt (server-webapp.rules)
 * 1:2394 <-> DISABLED <-> SERVER-WEBAPP Compaq web-based management agent denial of service attempt (server-webapp.rules)
 * 1:23944 <-> DISABLED <-> SERVER-WEBAPP empty zip file upload attempt (server-webapp.rules)
 * 1:2395 <-> DISABLED <-> SERVER-WEBAPP InteractiveQuery.jsp access (server-webapp.rules)
 * 1:23950 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:23951 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules)
 * 1:23952 <-> DISABLED <-> MALWARE-TOOLS Tors Hammer slow post flood attempt (malware-tools.rules)
 * 1:23974 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:23975 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:2398 <-> DISABLED <-> SERVER-WEBAPP WAnewsletter newsletter.php file include attempt (server-webapp.rules)
 * 1:23984 <-> DISABLED <-> SERVER-WEBAPP LongTail Video JW Player XSS attempt link param (server-webapp.rules)
 * 1:23985 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules)
 * 1:23986 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules)
 * 1:23988 <-> DISABLED <-> SERVER-WEBAPP ocPortal cms cross site request forgery attempt (server-webapp.rules)
 * 1:2399 <-> DISABLED <-> SERVER-WEBAPP WAnewsletter db_type.php access (server-webapp.rules)
 * 1:23994 <-> ENABLED <-> SERVER-WEBAPP zend_strndup null pointer dereference attempt (server-webapp.rules)
 * 1:23995 <-> ENABLED <-> SERVER-WEBAPP libtidy null pointer dereference attempt (server-webapp.rules)
 * 1:23997 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:240 <-> DISABLED <-> MALWARE-OTHER shaft agent to handler (malware-other.rules)
 * 1:2400 <-> DISABLED <-> SERVER-WEBAPP edittag.pl access (server-webapp.rules)
 * 1:24020 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24021 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24026 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24027 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24028 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24036 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24037 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24039 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (browser-plugins.rules)
 * 1:24040 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24041 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24042 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24043 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24044 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:2405 <-> DISABLED <-> SERVER-WEBAPP phptest.php access (server-webapp.rules)
 * 1:24059 <-> DISABLED <-> SERVER-WEBAPP 5.3.3 mt_rand integer overflow attempt (server-webapp.rules)
 * 1:24060 <-> DISABLED <-> SERVER-WEBAPP PHP 5.3.3 mt_rand integer overflow attempt (server-webapp.rules)
 * 1:24061 <-> DISABLED <-> SERVER-WEBAPP PHP 5.3.3 mt_rand integer overflow attempt (server-webapp.rules)
 * 1:2407 <-> DISABLED <-> SERVER-WEBAPP util.pl access (server-webapp.rules)
 * 1:2408 <-> DISABLED <-> SERVER-WEBAPP Invision Power Board search.pl access (server-webapp.rules)
 * 1:24089 <-> ENABLED <-> OS-WINDOWS Microsoft WebDAV PROPFIND request (os-windows.rules)
 * 1:24091 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver SOAP interface command injection attempt (server-webapp.rules)
 * 1:24093 <-> DISABLED <-> SERVER-WEBAPP RFC1867 file-upload implementation denial of service attempt (server-webapp.rules)
 * 1:2410 <-> DISABLED <-> SERVER-WEBAPP IGeneric Free Shopping Cart page.php access (server-webapp.rules)
 * 1:2411 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealSystem Server DESCRIBE buffer overflow attempt (server-webapp.rules)
 * 1:24112 <-> DISABLED <-> SERVER-WEBAPP inTouch SQL injection in index.php user attempt (server-webapp.rules)
 * 1:24113 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 ieframe.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24131 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24132 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24133 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24134 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24135 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24136 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24137 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules)
 * 1:24179 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24180 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24181 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24192 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24193 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24194 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24195 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24196 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24201 <-> ENABLED <-> FILE-OTHER Oracle Java field bytecode verifier cache code execution attempt (file-other.rules)
 * 1:24202 <-> ENABLED <-> FILE-OTHER Oracle Java field bytecode verifier cache code execution attempt (file-other.rules)
 * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24230 <-> DISABLED <-> FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt (file-other.rules)
 * 1:24239 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (server-webapp.rules)
 * 1:2424 <-> DISABLED <-> NNTP sendsys overflow attempt (nntp.rules)
 * 1:24246 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24247 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24248 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (browser-plugins.rules)
 * 1:24249 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (browser-plugins.rules)
 * 1:2425 <-> DISABLED <-> NNTP senduuname overflow attempt (nntp.rules)
 * 1:24250 <-> DISABLED <-> SERVER-OTHER telephone URI to USSD code for factory reset (server-other.rules)
 * 1:24256 <-> ENABLED <-> SERVER-WEBAPP phpMyAdmin server_sync.php backdoor access attempt (server-webapp.rules)
 * 1:2426 <-> DISABLED <-> NNTP version overflow attempt (nntp.rules)
 * 1:2427 <-> DISABLED <-> NNTP checkgroups overflow attempt (nntp.rules)
 * 1:2428 <-> DISABLED <-> NNTP ihave overflow attempt (nntp.rules)
 * 1:24281 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:24282 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (browser-plugins.rules)
 * 1:24289 <-> DISABLED <-> SERVER-WEBAPP Fortinet FortiOS appliedTags field cross site scripting attempt (server-webapp.rules)
 * 1:2429 <-> DISABLED <-> NNTP sendme overflow attempt (nntp.rules)
 * 1:24291 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:243 <-> DISABLED <-> MALWARE-OTHER mstream agent to handler (malware-other.rules)
 * 1:2430 <-> ENABLED <-> NNTP newgroup overflow attempt (nntp.rules)
 * 1:2431 <-> ENABLED <-> NNTP rmgroup overflow attempt (nntp.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request (server-webapp.rules)
 * 1:2432 <-> DISABLED <-> NNTP article post without path attempt (nntp.rules)
 * 1:24322 <-> DISABLED <-> BROWSER-PLUGINS EMC ApplicationXtender Desktop ActiveX function call attempt (browser-plugins.rules)
 * 1:24323 <-> DISABLED <-> BROWSER-PLUGINS EMC ApplicationXtender Desktop ActiveX function call attempt (browser-plugins.rules)
 * 1:24335 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in buffer overflow attempt (browser-plugins.rules)
 * 1:24339 <-> DISABLED <-> SERVER-WEBAPP Zend Framework Zend_XmlRpc information disclosure attempt (server-webapp.rules)
 * 1:24342 <-> DISABLED <-> SERVER-WEBAPP JBoss web console access attempt (server-webapp.rules)
 * 1:24343 <-> DISABLED <-> SERVER-WEBAPP JBoss JMXInvokerServlet access attempt (server-webapp.rules)
 * 1:24355 <-> ENABLED <-> SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (server-mssql.rules)
 * 1:24356 <-> ENABLED <-> SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (server-mssql.rules)
 * 1:24359 <-> ENABLED <-> OS-WINDOWS SMB NTLM NULL session attempt (os-windows.rules)
 * 1:24360 <-> DISABLED <-> OS-WINDOWS SMB Kerberos NULL session denial of service attempt (os-windows.rules)
 * 1:24368 <-> DISABLED <-> MALWARE-CNC Lizamoon sql injection campaign phone-home (malware-cnc.rules)
 * 1:24370 <-> DISABLED <-> OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (os-linux.rules)
 * 1:24371 <-> DISABLED <-> OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (os-linux.rules)
 * 1:24395 <-> DISABLED <-> MALWARE-OTHER itsoknoproblembro TCP flood (malware-other.rules)
 * 1:24396 <-> DISABLED <-> MALWARE-OTHER itsoknoproblembro TCP flood (malware-other.rules)
 * 1:244 <-> DISABLED <-> MALWARE-OTHER mstream handler to agent (malware-other.rules)
 * 1:24401 <-> DISABLED <-> OS-WINDOWS PCT Client_Hello overflow attempt (os-windows.rules)
 * 1:2441 <-> DISABLED <-> SERVER-WEBAPP NetObserve authentication bypass attempt (server-webapp.rules)
 * 1:24416 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:24417 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:24418 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:24419 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vundo variant outbound connection (malware-cnc.rules)
 * 1:2442 <-> DISABLED <-> SERVER-WEBAPP Apple Quicktime User-Agent buffer overflow attempt (server-webapp.rules)
 * 1:24420 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Misun variant outbound connection (malware-cnc.rules)
 * 1:24435 <-> ENABLED <-> SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (server-webapp.rules)
 * 1:24436 <-> ENABLED <-> SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (server-webapp.rules)
 * 1:24440 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chiviper outbound connection (malware-cnc.rules)
 * 1:2447 <-> DISABLED <-> SERVER-WEBAPP ServletManager access (server-webapp.rules)
 * 1:2448 <-> DISABLED <-> SERVER-WEBAPP setinfo.hts access (server-webapp.rules)