Sourcefire VRT Update

Date: 2005-12-30

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.

The format of the file is:

sid - Message (rule group)

 New rules:
 4982 - WEB-CLIENT Adodb.Stream ActiveX Object Access (web-client.rules)
 4983 - WEB-CLIENT Adodb.Stream ActiveX Object Access CreateObject Function (web-client.rules)
 4984 - MS-SQL/SMB sa brute force failed login unicode attempt (sql.rules)
 4985 - WEB-MISC Twiki rdiff rev command injection attempt (web-misc.rules)
 4986 - WEB-MISC Twiki view rev command injection attempt (web-misc.rules)
 4987 - WEB-MISC Twiki viewfile rev command injection attempt (web-misc.rules)
 4988 - WEB-MISC Barracuda IMG.PL directory traversal attempt (web-misc.rules)
 4989 - MS-SQL Heap-Based Overflow Attempt (sql.rules)
 4990 - MS-SQL Heap-Based Overflow Attempt (sql.rules)
 4991 - NETBIOS SMB lsass unicode alter context attempt (netbios.rules)
 4992 - NETBIOS SMB lsass WriteAndX unicode alter context attempt (netbios.rules)
 4993 - NETBIOS SMB lsass unicode bind attempt (netbios.rules)
 4994 - NETBIOS SMB lsass WriteAndX unicode bind attempt (netbios.rules)
 4995 - NETBIOS SMB-DS lsass bind attempt (netbios.rules)
 4996 - NETBIOS SMB-DS lsass WriteAndX bind attempt (netbios.rules)
 4997 - NETBIOS SMB-DS lsass unicode bind attempt (netbios.rules)
 4998 - NETBIOS SMB-DS lsass WriteAndX unicode bind attempt (netbios.rules)
 4999 - NETBIOS-DG SMB lsass bind attempt (netbios.rules)
 5000 - NETBIOS-DG SMB lsass WriteAndX bind attempt (netbios.rules)
 5001 - NETBIOS-DG SMB lsass unicode bind attempt (netbios.rules)
 5002 - NETBIOS-DG SMB lsass WriteAndX unicode bind attempt (netbios.rules)
 5003 - NETBIOS SMB lsass little endian bind attempt (netbios.rules)
 5004 - NETBIOS SMB lsass WriteAndX little endian bind attempt (netbios.rules)
 5005 - NETBIOS SMB-DS lsass alter context attempt (netbios.rules)
 5006 - NETBIOS-DG SMB lsass WriteAndX unicode alter context attempt (netbios.rules)
 5007 - NETBIOS SMB lsass little endian alter context attempt (netbios.rules)
 5008 - NETBIOS SMB lsass WriteAndX little endian alter context attempt (netbios.rules)
 5009 - NETBIOS SMB lsass unicode little endian alter context attempt (netbios.rules)
 5010 - NETBIOS SMB lsass WriteAndX unicode little endian alter context attempt (netbios.rules)
 5011 - NETBIOS SMB-DS lsass little endian alter context attempt (netbios.rules)
 5012 - NETBIOS SMB-DS lsass WriteAndX little endian alter context attempt (netbios.rules)
 5013 - NETBIOS SMB-DS lsass unicode little endian alter context attempt (netbios.rules)
 5014 - NETBIOS SMB-DS lsass WriteAndX unicode little endian alter context attempt (netbios.rules)
 5015 - NETBIOS-DG SMB lsass little endian alter context attempt (netbios.rules)
 5016 - NETBIOS-DG SMB lsass WriteAndX little endian alter context attempt (netbios.rules)
 5017 - NETBIOS-DG SMB lsass unicode little endian alter context attempt (netbios.rules)
 5018 - NETBIOS-DG SMB lsass WriteAndX unicode little endian alter context attempt (netbios.rules)
 5019 - NETBIOS SMB lsass bind attempt (netbios.rules)
 5020 - NETBIOS SMB lsass WriteAndX bind attempt (netbios.rules)
 5021 - NETBIOS SMB lsass unicode little endian bind attempt (netbios.rules)
 5022 - NETBIOS SMB lsass WriteAndX unicode little endian bind attempt (netbios.rules)
 5023 - NETBIOS SMB-DS lsass little endian bind attempt (netbios.rules)
 5024 - NETBIOS SMB-DS lsass WriteAndX little endian bind attempt (netbios.rules)
 5025 - NETBIOS SMB-DS lsass unicode little endian bind attempt (netbios.rules)
 5026 - NETBIOS SMB-DS lsass WriteAndX unicode little endian bind attempt (netbios.rules)
 5027 - NETBIOS-DG SMB lsass little endian bind attempt (netbios.rules)
 5028 - NETBIOS-DG SMB lsass WriteAndX little endian bind attempt (netbios.rules)
 5029 - NETBIOS-DG SMB lsass unicode little endian bind attempt (netbios.rules)
 5030 - NETBIOS-DG SMB lsass WriteAndX unicode little endian bind attempt (netbios.rules)
 5031 - NETBIOS SMB lsass andx alter context attempt (netbios.rules)
 5032 - NETBIOS SMB-DS lsass WriteAndX andx alter context attempt (netbios.rules)
 5033 - NETBIOS SMB-DS lsass unicode andx alter context attempt (netbios.rules)
 5034 - NETBIOS SMB lsass WriteAndX andx alter context attempt (netbios.rules)
 5035 - NETBIOS SMB-DS lsass WriteAndX unicode andx alter context attempt (netbios.rules)
 5036 - NETBIOS-DG SMB lsass andx alter context attempt (netbios.rules)
 5037 - NETBIOS-DG SMB lsass WriteAndX andx alter context attempt (netbios.rules)
 5038 - NETBIOS-DG SMB lsass unicode andx alter context attempt (netbios.rules)
 5039 - NETBIOS SMB lsass unicode andx alter context attempt (netbios.rules)
 5040 - NETBIOS SMB lsass WriteAndX unicode andx alter context attempt (netbios.rules)
 5041 - NETBIOS SMB lsass unicode andx bind attempt (netbios.rules)
 5042 - NETBIOS SMB lsass WriteAndX unicode andx bind attempt (netbios.rules)
 5043 - NETBIOS SMB-DS lsass andx bind attempt (netbios.rules)
 5044 - NETBIOS SMB-DS lsass WriteAndX andx bind attempt (netbios.rules)
 5045 - NETBIOS SMB-DS lsass unicode andx bind attempt (netbios.rules)
 5046 - NETBIOS SMB-DS lsass WriteAndX unicode andx bind attempt (netbios.rules)
 5047 - NETBIOS-DG SMB lsass andx bind attempt (netbios.rules)
 5048 - NETBIOS-DG SMB lsass WriteAndX andx bind attempt (netbios.rules)
 5049 - NETBIOS-DG SMB lsass unicode andx bind attempt (netbios.rules)
 5050 - NETBIOS-DG SMB lsass WriteAndX unicode andx bind attempt (netbios.rules)
 5051 - NETBIOS SMB lsass little endian andx bind attempt (netbios.rules)
 5052 - NETBIOS SMB lsass WriteAndX little endian andx bind attempt (netbios.rules)
 5053 - NETBIOS SMB-DS lsass andx alter context attempt (netbios.rules)
 5054 - NETBIOS-DG SMB lsass WriteAndX unicode andx alter context attempt (netbios.rules)
 5055 - NETBIOS SMB lsass little endian andx alter context attempt (netbios.rules)
 5056 - NETBIOS SMB lsass WriteAndX little endian andx alter context attempt (netbios.rules)
 5057 - NETBIOS SMB lsass unicode little endian andx alter context attempt (netbios.rules)
 5058 - NETBIOS SMB lsass WriteAndX unicode little endian andx alter context attempt (netbios.rules)
 5059 - NETBIOS SMB-DS lsass little endian andx alter context attempt (netbios.rules)
 5060 - NETBIOS SMB-DS lsass WriteAndX little endian andx alter context attempt (netbios.rules)
 5061 - NETBIOS SMB-DS lsass unicode little endian andx alter context attempt (netbios.rules)
 5062 - NETBIOS SMB-DS lsass WriteAndX unicode little endian andx alter context attempt (netbios.rules)
 5063 - NETBIOS-DG SMB lsass little endian andx alter context attempt (netbios.rules)
 5064 - NETBIOS-DG SMB lsass WriteAndX little endian andx alter context attempt (netbios.rules)
 5065 - NETBIOS-DG SMB lsass unicode little endian andx alter context attempt (netbios.rules)
 5066 - NETBIOS-DG SMB lsass WriteAndX unicode little endian andx alter context attempt (netbios.rules)
 5067 - NETBIOS SMB lsass andx bind attempt (netbios.rules)
 5068 - NETBIOS SMB lsass WriteAndX andx bind attempt (netbios.rules)
 5069 - NETBIOS SMB lsass unicode little endian andx bind attempt (netbios.rules)
 5070 - NETBIOS SMB lsass WriteAndX unicode little endian andx bind attempt (netbios.rules)
 5071 - NETBIOS SMB-DS lsass little endian andx bind attempt (netbios.rules)
 5072 - NETBIOS SMB-DS lsass WriteAndX little endian andx bind attempt (netbios.rules)
 5073 - NETBIOS SMB-DS lsass unicode little endian andx bind attempt (netbios.rules)
 5074 - NETBIOS SMB-DS lsass WriteAndX unicode little endian andx bind attempt (netbios.rules)
 5075 - NETBIOS-DG SMB lsass little endian andx bind attempt (netbios.rules)
 5076 - NETBIOS-DG SMB lsass WriteAndX little endian andx bind attempt (netbios.rules)
 5077 - NETBIOS-DG SMB lsass unicode little endian andx bind attempt (netbios.rules)
 5078 - NETBIOS-DG SMB lsass WriteAndX unicode little endian andx bind attempt (netbios.rules)
 5079 - NETBIOS DCERPC DIRECT lsass little endian alter context attempt (netbios.rules)
 5080 - NETBIOS DCERPC NCACN-HTTP lsass alter context attempt (netbios.rules)
 5081 - NETBIOS DCERPC NCACN-IP-TCP lsass alter context attempt (netbios.rules)
 5082 - NETBIOS DCERPC NCADG-IP-UDP lsass alter context attempt (netbios.rules)
 5083 - NETBIOS DCERPC NCACN-IP-TCP lsass little endian alter context attempt (netbios.rules)
 5084 - NETBIOS DCERPC NCACN-HTTP lsass little endian alter context attempt (netbios.rules)
 5085 - NETBIOS DCERPC NCADG-IP-UDP lsass little endian alter context attempt (netbios.rules)
 5086 - NETBIOS DCERPC DIRECT lsass alter context attempt (netbios.rules)
 5087 - NETBIOS DCERPC DIRECT lsass little endian bind attempt (netbios.rules)
 5088 - NETBIOS DCERPC NCACN-HTTP lsass bind attempt (netbios.rules)
 5089 - NETBIOS DCERPC NCACN-IP-TCP lsass bind attempt (netbios.rules)
 5090 - NETBIOS DCERPC NCADG-IP-UDP lsass bind attempt (netbios.rules)
 5091 - NETBIOS DCERPC NCACN-IP-TCP lsass little endian bind attempt (netbios.rules)
 5092 - NETBIOS DCERPC NCACN-HTTP lsass little endian bind attempt (netbios.rules)
 5093 - NETBIOS DCERPC NCADG-IP-UDP lsass little endian bind attempt (netbios.rules)
 5094 - NETBIOS DCERPC DIRECT lsass bind attempt (netbios.rules)
 5095 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5096 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5097 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5098 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5099 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5100 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5101 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5102 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5103 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5104 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5105 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5106 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5107 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5108 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5109 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5110 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5111 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5112 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5113 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5114 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5115 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5116 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5117 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5118 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5119 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5120 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5121 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5122 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5123 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5124 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5125 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5126 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5127 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5128 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5129 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5130 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5131 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5132 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5133 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX attempt (netbios.rules)
 5134 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode attempt (netbios.rules)
 5135 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode attempt (netbios.rules)
 5136 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5137 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5138 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian attempt (netbios.rules)
 5139 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5140 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian attempt (netbios.rules)
 5141 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5142 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian attempt (netbios.rules)
 5143 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5144 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5145 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5146 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5147 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5148 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5149 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5150 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5151 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5152 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5153 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5154 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5155 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5156 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5157 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5158 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5159 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5160 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5161 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5162 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5163 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5164 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5165 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5166 - NETBIOS-DG SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5167 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5168 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5169 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5170 - NETBIOS SMB lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5171 - NETBIOS SMB-DS lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5172 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5173 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5174 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5175 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5176 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation andx attempt (netbios.rules)
 5177 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5178 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5179 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5180 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5181 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX andx attempt (netbios.rules)
 5182 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode andx attempt (netbios.rules)
 5183 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode andx attempt (netbios.rules)
 5184 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation little endian andx attempt (netbios.rules)
 5185 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5186 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX little endian andx attempt (netbios.rules)
 5187 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5188 - NETBIOS-DG SMB v4 lsass DsRolerGetPrimaryDomainInformation unicode little endian andx attempt (netbios.rules)
 5189 - NETBIOS SMB v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5190 - NETBIOS SMB-DS v4 lsass DsRolerGetPrimaryDomainInformation WriteAndX unicode little endian andx attempt (netbios.rules)
 5191 - NETBIOS DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5192 - NETBIOS DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5193 - NETBIOS DCERPC DIRECT v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5194 - NETBIOS DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5195 - NETBIOS DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5196 - NETBIOS DCERPC NCACN-IP-TCP v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5197 - NETBIOS DCERPC NCACN-HTTP v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5198 - NETBIOS DCERPC NCADG-IP-UDP v4 lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5199 - NETBIOS DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5200 - NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5201 - NETBIOS DCERPC DIRECT lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5202 - NETBIOS DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5203 - NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 5204 - NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5205 - NETBIOS DCERPC NCACN-HTTP lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5206 - NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation little endian attempt (netbios.rules)
 5207 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5208 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5209 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5210 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5211 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 5212 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5213 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5214 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5215 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5216 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5217 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5218 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5219 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5220 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5221 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5222 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5223 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5224 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5225 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5226 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 5227 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5228 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5229 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5230 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5231 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5232 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5233 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5234 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5235 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5236 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX overflow attempt (netbios.rules)
 5237 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5238 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer unicode overflow attempt (netbios.rules)
 5239 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5240 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode overflow attempt (netbios.rules)
 5241 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 5242 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5243 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5244 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5245 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5246 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5247 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5248 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5249 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian overflow attempt (netbios.rules)
 5250 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 5251 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian overflow attempt (netbios.rules)
 5252 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5253 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5254 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5255 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5256 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5257 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5258 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5259 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5260 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5261 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5262 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5263 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5264 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5265 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5266 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5267 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5268 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5269 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5270 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5271 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5272 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5273 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5274 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5275 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5276 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5277 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5278 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5279 - NETBIOS-DG SMB lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5280 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5281 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5282 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5283 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5284 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX andx overflow attempt (netbios.rules)
 5285 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5286 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer unicode andx overflow attempt (netbios.rules)
 5287 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer andx overflow attempt (netbios.rules)
 5288 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode andx overflow attempt (netbios.rules)
 5289 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5290 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5291 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5292 - NETBIOS SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5293 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5294 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5295 - NETBIOS SMB-DS v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5296 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer little endian andx overflow attempt (netbios.rules)
 5297 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer unicode little endian andx overflow attempt (netbios.rules)
 5298 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian andx overflow attempt (netbios.rules)
 5299 - NETBIOS-DG SMB v4 lsass DsRolerUpgradeDownlevelServer WriteAndX little endian andx overflow attempt (netbios.rules)
 5300 - NETBIOS DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5301 - NETBIOS DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5302 - NETBIOS DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5303 - NETBIOS DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5304 - NETBIOS DCERPC NCACN-IP-TCP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5305 - NETBIOS DCERPC DIRECT v4 lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5306 - NETBIOS DCERPC NCADG-IP-UDP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5307 - NETBIOS DCERPC NCACN-HTTP v4 lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5308 - NETBIOS DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5309 - NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5310 - NETBIOS DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5311 - NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5312 - NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5313 - NETBIOS DCERPC DIRECT lsass DsRolerUpgradeDownlevelServer little endian overflow attempt (netbios.rules)
 5314 - NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5315 - NETBIOS DCERPC NCACN-HTTP lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 5316 - EXPLOIT CA CAM log_security overflow attempt (exploit.rules)
 5317 - EXPLOIT pcAnywhere buffer overflow attempt (exploit.rules)
 5318 - WEB-CLIENT wmf file SetAbortProc arbitrary code execution attempt (web-client.rules)
 5319 - WEB-CLIENT Metasploit Windows picture and fax viewer wmf arbitrary code execution attempt (web-client.rules)
 5320 - VIRUS Possible Sober virus call home attempt (virus.rules)
 5321 - VIRUS Possible Sober virus NTP time check attempt (virus.rules)
 5322 - VIRUS Possible Sober virus NTP time check attempt (virus.rules)
 5323 - VIRUS Possible Sober virus NTP time check attempt (virus.rules)
 
 Updated rules:
 1250 - WEB-MISC Cisco IOS HTTP configuration attempt (web-misc.rules)
 1536 - WEB-CGI calendar_admin.pl arbitrary command execution attempt (web-cgi.rules)
 1537 - WEB-CGI calendar_admin.pl access (web-cgi.rules)
 1701 - WEB-CGI calendar-admin.pl access (web-cgi.rules)
 1734 - FTP USER overflow attempt (ftp.rules)
 1792 - NNTP return code buffer overflow attempt (nntp.rules)
 1972 - FTP PASS overflow attempt (ftp.rules)
 2050 - MS-SQL version overflow attempt (sql.rules)
 2507 - NETBIOS SMB lsass alter context attempt (netbios.rules)
 2508 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer overflow attempt (netbios.rules)
 2509 - NETBIOS SMB-DS lsass WriteAndX alter context attempt (netbios.rules)
 2510 - NETBIOS SMB-DS lsass unicode alter context attempt (netbios.rules)
 2511 - NETBIOS SMB-DS lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 2512 - NETBIOS SMB lsass WriteAndX alter context attempt (netbios.rules)
 2513 - NETBIOS SMB-DS lsass WriteAndX unicode alter context attempt (netbios.rules)
 2514 - NETBIOS SMB lsass DsRolerUpgradeDownlevelServer WriteAndX unicode little endian overflow attempt (netbios.rules)
 2524 - NETBIOS-DG SMB lsass alter context attempt (netbios.rules)
 2525 - NETBIOS-DG SMB lsass WriteAndX alter context attempt (netbios.rules)
 2526 - NETBIOS-DG SMB lsass unicode alter context attempt (netbios.rules)
 2591 - DELETED SMTP From command overflow attempt (deleted.rules)
 2592 - DELETED SMTP ReplyTo command overflow attempt (deleted.rules)
 2593 - DELETED SMTP Sender command overflow attempt (deleted.rules)
 2594 - DELETED SMTP To command overflow attempt (deleted.rules)
 2595 - DELETED SMTP CC command overflow attempt (deleted.rules)
 2596 - DELETED SMTP BCC command overflow attempt (deleted.rules)
 3071 - IMAP status literal overflow attempt (imap.rules)
 3072 - IMAP status overflow attempt (imap.rules)
 3549 - WEB-CLIENT HTML DOM invalid element creation attempt (web-client.rules)
 3550 - WEB-CLIENT HTML http scheme hostname overflow attempt (web-client.rules)
 3679 - WEB-CLIENT Firefox IFRAME src javascript code execution (web-client.rules)