Talos Rules 2016-03-03
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the blacklist, browser-ie, browser-other, browser-plugins, deleted, exploit-kit, file-flash, file-identify, file-image, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, indicator-obfuscation, malware-cnc, netbios, os-windows, policy-other, protocol-pop, protocol-voip, pua-other, server-apache, server-mail, server-oracle, server-other and sql rule sets to provide coverage for emerging threats from these technologies.

For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.

Change logs

2016-03-03 20:39:45 UTC

Snort Subscriber Rules Update

Date: 2016-03-03

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2962.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:38018 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex outbound connection attempt (malware-cnc.rules)
 * 1:38016 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38030 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:38020 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:38024 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38033 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution download detected  (policy-other.rules)
 * 1:38019 <-> DISABLED <-> DELETED EXPLOIT-KIT Angler exploit kit search uri request attempt (deleted.rules)
 * 1:38026 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38032 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)
 * 1:38014 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:37889 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:37998 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37976 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37982 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37948 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:37991 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:38004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37897 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37950 <-> DISABLED <-> INDICATOR-OBFUSCATION email of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37959 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:37929 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37906 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript known obfuscation method attempt (indicator-obfuscation.rules)
 * 1:37965 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:37899 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37944 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37949 <-> DISABLED <-> INDICATOR-OBFUSCATION download of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37909 <-> DISABLED <-> INDICATOR-OBFUSCATION known javascript packer detected (indicator-obfuscation.rules)
 * 1:37896 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37993 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37954 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:38009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37911 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37981 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37917 <-> DISABLED <-> SERVER-WEBAPP AMX backdoor username login attempt (server-webapp.rules)
 * 1:37903 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:37999 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37995 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37876 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:38003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37878 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37953 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:37973 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37884 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37986 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37910 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:37905 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript charset concatentation attempt (indicator-obfuscation.rules)
 * 1:37994 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37962 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:37983 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:38005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37888 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:37922 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37974 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37893 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37955 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37874 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37957 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit view uri request attempt (exploit-kit.rules)
 * 1:37960 <-> DISABLED <-> SERVER-OTHER Pidgin MSN MSNP2P message integer overflow attempt (server-other.rules)
 * 1:37984 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37935 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37971 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37989 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:38008 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37975 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37980 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37961 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:37990 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37925 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:37879 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:38001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37964 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:38011 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37880 <-> DISABLED <-> POLICY-OTHER Symantec Workspace Streaming insecure java serialized data upload attempt (policy-other.rules)
 * 1:38002 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37931 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37930 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37890 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSafe NMS arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:37901 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37877 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37883 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37988 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37891 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:37886 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37927 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37977 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37894 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37970 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37902 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37947 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37968 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server potential cookie disclosure attempt (server-webapp.rules)
 * 1:37933 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37985 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37952 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37887 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37926 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:38010 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37881 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:37875 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37978 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37923 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37967 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:38034 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution function download detected (policy-other.rules)
 * 1:38022 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38015 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38027 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:37966 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:38025 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38037 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38035 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38031 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38006 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37895 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37885 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37918 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Internet Explorer exploit attempt (exploit-kit.rules)
 * 1:37979 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37958 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (exploit-kit.rules)
 * 1:37907 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript unicode escape variable name attempt (indicator-obfuscation.rules)
 * 1:38000 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37946 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37900 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37997 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37882 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37969 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37996 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37963 <-> DISABLED <-> INDICATOR-COMPROMISE malicious file download attempt (indicator-compromise.rules)
 * 1:38007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37936 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37921 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:37898 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37928 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37972 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37932 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37924 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37908 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript with hex variable names (indicator-obfuscation.rules)
 * 1:37992 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37919 <-> ENABLED <-> EXPLOIT-KIT Gong da exploit kit landing page (exploit-kit.rules)
 * 1:37945 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:37987 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37920 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:37892 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:38013 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:37904 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:38021 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38017 <-> ENABLED <-> MALWARE-CNC Win.Trojan.TeslaCrypt server reply (malware-cnc.rules)
 * 1:38028 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38036 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38023 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:38039 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38040 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38041 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38042 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38043 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38044 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38045 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38046 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38047 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38048 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38049 <-> DISABLED <-> SERVER-WEBAPP Centreon Web Interface index.php command injection attempt (server-webapp.rules)
 * 1:38050 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38051 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38052 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38053 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38054 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38055 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38056 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38057 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38058 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38059 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38060 <-> DISABLED <-> POLICY-OTHER SSLv2 Client Hello attempt (policy-other.rules)
 * 1:38038 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38029 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)

Modified Rules:


 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:5713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:37722 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37715 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18239 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19560 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16373 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:13928 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20834 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20835 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:37723 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37716 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:36036 <-> DISABLED <-> INDICATOR-OBFUSCATION Adobe Flash file with SecureSwfLoader packer detected (indicator-obfuscation.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:37728 <-> DISABLED <-> INDICATOR-OBFUSCATION SWF with large DefineBinaryData tag (indicator-obfuscation.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:16523 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt  (server-other.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25064 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:25137 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:25539 <-> ENABLED <-> EXPLOIT-KIT Red Dot java retrieval attempt (exploit-kit.rules)
 * 1:25682 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:25764 <-> ENABLED <-> EXPLOIT-KIT Zuponcic exploit kit Oracle Java file download (exploit-kit.rules)
 * 1:25798 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (exploit-kit.rules)
 * 1:25804 <-> ENABLED <-> EXPLOIT-KIT Whitehole exploit kit malicious jar download attempt (exploit-kit.rules)
 * 1:26022 <-> DISABLED <-> FILE-PDF EmbeddedFile contained within a PDF (file-pdf.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26355 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26356 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26358 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26359 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26360 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26362 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26363 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26364 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26593 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:26950 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:27704 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27705 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27866 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page (exploit-kit.rules)
 * 1:27873 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit outbound payload download attempt (exploit-kit.rules)
 * 1:27877 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:27878 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:28109 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28196 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28197 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28198 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:28449 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit outbound connection attempt (exploit-kit.rules)
 * 1:28595 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit Oracle Java jar file retrieval (exploit-kit.rules)
 * 1:28611 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit outbound connection attempt (exploit-kit.rules)
 * 1:28615 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit exploit download attempt (exploit-kit.rules)
 * 1:28630 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:29003 <-> ENABLED <-> EXPLOIT-KIT SPL2 exploit kit jar exploit download (exploit-kit.rules)
 * 1:29129 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar exploit download - specific structure (exploit-kit.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:29749 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:30219 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound jar request (exploit-kit.rules)
 * 1:30767 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules)
 * 1:31232 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit outbound jar request (exploit-kit.rules)
 * 1:31277 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle Java outbound connection (exploit-kit.rules)
 * 1:31299 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Necurs or Win.Trojan Locky variant outbound detection (malware-cnc.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (server-webapp.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32203 <-> DISABLED <-> SERVER-WEBAPP PineApp Mail-SeCure ldapsyncnow.php command injection attempt (server-webapp.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:32355 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript variable obfuscation (indicator-obfuscation.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:32389 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32481 <-> DISABLED <-> POLICY-OTHER Remote non-JavaScript file found in script tag src attribute (policy-other.rules)
 * 1:32524 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:32555 <-> ENABLED <-> EXPLOIT-KIT Hellspawn exploit kit outbound Oracle Java jar request (exploit-kit.rules)
 * 1:32782 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32783 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32784 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32991 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:32992 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:33070 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33071 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33073 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33247 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string - PPKHandler - Win.Backdoor.Upatre (blacklist.rules)
 * 1:33569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade cipher suite attempt (server-other.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34332 <-> ENABLED <-> EXPLOIT-KIT Fiesta exploit kit Oracle Java exploit download (exploit-kit.rules)
 * 1:34727 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:34728 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23282 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (server-webapp.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24172 <-> DISABLED <-> SQL use of concat function with select - likely SQL injection (sql.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24284 <-> ENABLED <-> FILE-OFFICE Microsoft Office Drawing object code execution attempt (file-office.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24720 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP keypad button message denial of service attempt (protocol-voip.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25680 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:25801 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar file request (exploit-kit.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:26357 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26361 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26365 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:27113 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:28111 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit post Java compromise download attempt (exploit-kit.rules)
 * 1:28199 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28476 <-> ENABLED <-> EXPLOIT-KIT Neutrino exploit kit outbound request by Java - generic detection (exploit-kit.rules)
 * 1:28629 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:29165 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound jar request (exploit-kit.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:30002 <-> ENABLED <-> EXPLOIT-KIT Hello/LightsOut exploit kit Java download attempt (exploit-kit.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30768 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:31278 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle java outbound connection (exploit-kit.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:32523 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32710 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt (browser-ie.rules)
 * 1:32785 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33072 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)

2016-03-03 20:39:44 UTC

Snort Subscriber Rules Update

Date: 2016-03-03

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2976.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:38036 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38039 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38040 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38041 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38042 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38043 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38044 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38045 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38046 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38047 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38048 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38049 <-> DISABLED <-> SERVER-WEBAPP Centreon Web Interface index.php command injection attempt (server-webapp.rules)
 * 1:38050 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38051 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38052 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38053 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38054 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38055 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38056 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38057 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38058 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38059 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38060 <-> DISABLED <-> POLICY-OTHER SSLv2 Client Hello attempt (policy-other.rules)
 * 1:38030 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:38024 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38023 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:37966 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:38018 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex outbound connection attempt (malware-cnc.rules)
 * 1:37904 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:38013 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:37892 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:37920 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37987 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37945 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:37992 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37919 <-> ENABLED <-> EXPLOIT-KIT Gong da exploit kit landing page (exploit-kit.rules)
 * 1:37908 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript with hex variable names (indicator-obfuscation.rules)
 * 1:37924 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37932 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37972 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37928 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37898 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37936 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37921 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:38007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37963 <-> DISABLED <-> INDICATOR-COMPROMISE malicious file download attempt (indicator-compromise.rules)
 * 1:37996 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37969 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37882 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37997 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37900 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37946 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:38000 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37958 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (exploit-kit.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37907 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript unicode escape variable name attempt (indicator-obfuscation.rules)
 * 1:37979 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37918 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Internet Explorer exploit attempt (exploit-kit.rules)
 * 1:37885 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37895 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:38006 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37967 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:37923 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37978 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37881 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:37875 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:38010 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37926 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37887 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37952 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37985 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37933 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37968 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server potential cookie disclosure attempt (server-webapp.rules)
 * 1:37902 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37947 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37970 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37894 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37977 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37927 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37886 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37891 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:37988 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37883 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37877 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37901 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37930 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37890 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSafe NMS arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37931 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:38002 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37880 <-> DISABLED <-> POLICY-OTHER Symantec Workspace Streaming insecure java serialized data upload attempt (policy-other.rules)
 * 1:38011 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37964 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:38001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37879 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:37925 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37990 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37980 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37961 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:37975 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:38008 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37989 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37971 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37935 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37984 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37960 <-> DISABLED <-> SERVER-OTHER Pidgin MSN MSNP2P message integer overflow attempt (server-other.rules)
 * 1:37957 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit view uri request attempt (exploit-kit.rules)
 * 1:37955 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37874 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37893 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37974 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37922 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37888 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:38005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37983 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37962 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:37994 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37905 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript charset concatentation attempt (indicator-obfuscation.rules)
 * 1:37910 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:37986 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37884 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37973 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37878 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37953 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:38003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37876 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37995 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37999 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37917 <-> DISABLED <-> SERVER-WEBAPP AMX backdoor username login attempt (server-webapp.rules)
 * 1:37903 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:37981 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37911 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:38009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37954 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37993 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37896 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37909 <-> DISABLED <-> INDICATOR-OBFUSCATION known javascript packer detected (indicator-obfuscation.rules)
 * 1:37949 <-> DISABLED <-> INDICATOR-OBFUSCATION download of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37944 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37899 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37906 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript known obfuscation method attempt (indicator-obfuscation.rules)
 * 1:37965 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:37929 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37959 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:37950 <-> DISABLED <-> INDICATOR-OBFUSCATION email of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37897 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:38004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37991 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37948 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37982 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37976 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37998 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37889 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:38014 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:38028 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38034 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution function download detected (policy-other.rules)
 * 1:38035 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38033 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution download detected  (policy-other.rules)
 * 1:38032 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)
 * 1:38019 <-> DISABLED <-> DELETED EXPLOIT-KIT Angler exploit kit search uri request attempt (deleted.rules)
 * 1:38020 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:38027 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:38022 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38025 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38016 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38021 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38017 <-> ENABLED <-> MALWARE-CNC Win.Trojan.TeslaCrypt server reply (malware-cnc.rules)
 * 1:38015 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38031 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38026 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38029 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)
 * 1:38037 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38038 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)

Modified Rules:


 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18239 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:19560 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:20262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:25064 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:25137 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20834 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20835 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:25539 <-> ENABLED <-> EXPLOIT-KIT Red Dot java retrieval attempt (exploit-kit.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:25680 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:25682 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:25764 <-> ENABLED <-> EXPLOIT-KIT Zuponcic exploit kit Oracle Java file download (exploit-kit.rules)
 * 1:25798 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (exploit-kit.rules)
 * 1:25801 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar file request (exploit-kit.rules)
 * 1:25804 <-> ENABLED <-> EXPLOIT-KIT Whitehole exploit kit malicious jar download attempt (exploit-kit.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:26022 <-> DISABLED <-> FILE-PDF EmbeddedFile contained within a PDF (file-pdf.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:26355 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26356 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26357 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26358 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:26359 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26360 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26361 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26362 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26363 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26364 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26365 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:26593 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:26950 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:27113 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:27704 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27705 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27866 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page (exploit-kit.rules)
 * 1:27873 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit outbound payload download attempt (exploit-kit.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27877 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:27878 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:28109 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:28111 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit post Java compromise download attempt (exploit-kit.rules)
 * 1:28196 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28197 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:28198 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28199 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:28449 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit outbound connection attempt (exploit-kit.rules)
 * 1:28476 <-> ENABLED <-> EXPLOIT-KIT Neutrino exploit kit outbound request by Java - generic detection (exploit-kit.rules)
 * 1:28595 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit Oracle Java jar file retrieval (exploit-kit.rules)
 * 1:28611 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit outbound connection attempt (exploit-kit.rules)
 * 1:28615 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit exploit download attempt (exploit-kit.rules)
 * 1:28629 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:28630 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:29003 <-> ENABLED <-> EXPLOIT-KIT SPL2 exploit kit jar exploit download (exploit-kit.rules)
 * 1:29129 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar exploit download - specific structure (exploit-kit.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:29165 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound jar request (exploit-kit.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:29749 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:30002 <-> ENABLED <-> EXPLOIT-KIT Hello/LightsOut exploit kit Java download attempt (exploit-kit.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:30219 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound jar request (exploit-kit.rules)
 * 1:30767 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:30768 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules)
 * 1:31232 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit outbound jar request (exploit-kit.rules)
 * 1:31277 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle Java outbound connection (exploit-kit.rules)
 * 1:31278 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle java outbound connection (exploit-kit.rules)
 * 1:31299 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Necurs or Win.Trojan Locky variant outbound detection (malware-cnc.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (server-webapp.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt  (server-other.rules)
 * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:16523 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:13928 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:16373 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:32203 <-> DISABLED <-> SERVER-WEBAPP PineApp Mail-SeCure ldapsyncnow.php command injection attempt (server-webapp.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:32355 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript variable obfuscation (indicator-obfuscation.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:32389 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32481 <-> DISABLED <-> POLICY-OTHER Remote non-JavaScript file found in script tag src attribute (policy-other.rules)
 * 1:32523 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32524 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:32555 <-> ENABLED <-> EXPLOIT-KIT Hellspawn exploit kit outbound Oracle Java jar request (exploit-kit.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:32710 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt (browser-ie.rules)
 * 1:32782 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32783 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32784 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:32785 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32991 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:32992 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:33070 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:33071 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33072 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33073 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33247 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string - PPKHandler - Win.Backdoor.Upatre (blacklist.rules)
 * 1:33569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:33570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade cipher suite attempt (server-other.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34332 <-> ENABLED <-> EXPLOIT-KIT Fiesta exploit kit Oracle Java exploit download (exploit-kit.rules)
 * 1:34727 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:34728 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:5713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:37728 <-> DISABLED <-> INDICATOR-OBFUSCATION SWF with large DefineBinaryData tag (indicator-obfuscation.rules)
 * 1:37723 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37722 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37716 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37715 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:36036 <-> DISABLED <-> INDICATOR-OBFUSCATION Adobe Flash file with SecureSwfLoader packer detected (indicator-obfuscation.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23282 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (server-webapp.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24172 <-> DISABLED <-> SQL use of concat function with select - likely SQL injection (sql.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24284 <-> ENABLED <-> FILE-OFFICE Microsoft Office Drawing object code execution attempt (file-office.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24720 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP keypad button message denial of service attempt (protocol-voip.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)

2016-03-03 20:39:44 UTC

Snort Subscriber Rules Update

Date: 2016-03-03

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2980.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:38011 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38010 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38009 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38008 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38007 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38006 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38005 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38060 <-> DISABLED <-> POLICY-OTHER SSLv2 Client Hello attempt (policy-other.rules)
 * 1:38059 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38058 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38057 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38056 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38055 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38054 <-> DISABLED <-> POLICY-OTHER SWF containing protoType.valueOf function download detected (policy-other.rules)
 * 1:38053 <-> DISABLED <-> POLICY-OTHER SWF containing getDefinitionByName function download detected (policy-other.rules)
 * 1:38052 <-> DISABLED <-> POLICY-OTHER SWF containing parseFloat function download detected (policy-other.rules)
 * 1:38051 <-> DISABLED <-> POLICY-OTHER SWF containing domainMemory function download detected (policy-other.rules)
 * 1:38050 <-> DISABLED <-> POLICY-OTHER SWF containing defaultValue function download detected (policy-other.rules)
 * 1:38049 <-> DISABLED <-> SERVER-WEBAPP Centreon Web Interface index.php command injection attempt (server-webapp.rules)
 * 1:38048 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38047 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38046 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38045 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38044 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38043 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38042 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38041 <-> DISABLED <-> POLICY-OTHER PDF containing U3D object download detected (policy-other.rules)
 * 1:38040 <-> DISABLED <-> POLICY-OTHER PDF containing mluc tag object download detected (policy-other.rules)
 * 1:38039 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38038 <-> DISABLED <-> POLICY-OTHER PDF ActiveX CLSID access detected (policy-other.rules)
 * 1:38037 <-> DISABLED <-> POLICY-OTHER PDF containing AcroForm key download detected (policy-other.rules)
 * 1:38036 <-> DISABLED <-> POLICY-OTHER PDF containing Action key download detected (policy-other.rules)
 * 1:38035 <-> DISABLED <-> POLICY-OTHER PDF containing Launch key download detected (policy-other.rules)
 * 1:38034 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution function download detected (policy-other.rules)
 * 1:38033 <-> DISABLED <-> POLICY-OTHER SWF containing allowLoadBytesCodeExecution download detected  (policy-other.rules)
 * 1:38032 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)
 * 1:38031 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38030 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:38029 <-> DISABLED <-> POLICY-OTHER SWF containing atomicCompareAndSwapLength function download detected (policy-other.rules)
 * 1:38028 <-> DISABLED <-> POLICY-OTHER SWF containing loadBytes function download detected (policy-other.rules)
 * 1:38027 <-> DISABLED <-> POLICY-OTHER SWF containing ExternalInterface function download detected (policy-other.rules)
 * 1:38026 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38025 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38024 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38023 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:38022 <-> DISABLED <-> FILE-FLASH SWF with RC4 decryption routine detected (file-flash.rules)
 * 1:38021 <-> DISABLED <-> FILE-FLASH suspicious SWF with large DefineBinaryData tag (file-flash.rules)
 * 1:38020 <-> DISABLED <-> FILE-FLASH CreateFileA shellcode found in flash file (file-flash.rules)
 * 1:38019 <-> DISABLED <-> DELETED EXPLOIT-KIT Angler exploit kit search uri request attempt (deleted.rules)
 * 1:38018 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dridex outbound connection attempt (malware-cnc.rules)
 * 1:38017 <-> ENABLED <-> MALWARE-CNC Win.Trojan.TeslaCrypt server reply (malware-cnc.rules)
 * 1:38016 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38015 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:38014 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:38013 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:38002 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:38000 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37999 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37998 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37997 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37996 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37995 <-> DISABLED <-> BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (browser-plugins.rules)
 * 1:37994 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37993 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37992 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37991 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37990 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37989 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37988 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37987 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37986 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37985 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37984 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37983 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37982 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37981 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37980 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37979 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37978 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37977 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37976 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37975 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:37974 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37973 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37972 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37971 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:37970 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37969 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:37968 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server potential cookie disclosure attempt (server-webapp.rules)
 * 1:37967 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:37966 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:37965 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:37964 <-> DISABLED <-> DELETED INDICATOR-OBFUSCATION third party PDF compression detected (deleted.rules)
 * 1:37963 <-> DISABLED <-> INDICATOR-COMPROMISE malicious file download attempt (indicator-compromise.rules)
 * 1:37962 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:37961 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:37960 <-> DISABLED <-> SERVER-OTHER Pidgin MSN MSNP2P message integer overflow attempt (server-other.rules)
 * 1:37959 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:37958 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (exploit-kit.rules)
 * 1:37957 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit view uri request attempt (exploit-kit.rules)
 * 1:37956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37955 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37954 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:37953 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:37952 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:37950 <-> DISABLED <-> INDICATOR-OBFUSCATION email of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37949 <-> DISABLED <-> INDICATOR-OBFUSCATION download of heavily compressed PDF attempt (indicator-obfuscation.rules)
 * 1:37948 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:37947 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37946 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37945 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:37944 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37936 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37935 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:37933 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37932 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37931 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37930 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37929 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37928 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37927 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37926 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37925 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37924 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37923 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37922 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37921 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:37920 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:37919 <-> ENABLED <-> EXPLOIT-KIT Gong da exploit kit landing page (exploit-kit.rules)
 * 1:37918 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Internet Explorer exploit attempt (exploit-kit.rules)
 * 1:37917 <-> DISABLED <-> SERVER-WEBAPP AMX backdoor username login attempt (server-webapp.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37911 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:37910 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (file-pdf.rules)
 * 1:37909 <-> DISABLED <-> INDICATOR-OBFUSCATION known javascript packer detected (indicator-obfuscation.rules)
 * 1:37908 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript with hex variable names (indicator-obfuscation.rules)
 * 1:37907 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript unicode escape variable name attempt (indicator-obfuscation.rules)
 * 1:37906 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript known obfuscation method attempt (indicator-obfuscation.rules)
 * 1:37905 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript charset concatentation attempt (indicator-obfuscation.rules)
 * 1:37904 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:37903 <-> DISABLED <-> INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (indicator-obfuscation.rules)
 * 1:37902 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37901 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (browser-plugins.rules)
 * 1:37900 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37899 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (browser-plugins.rules)
 * 1:37898 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37897 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37896 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37895 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37894 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37893 <-> DISABLED <-> FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (file-other.rules)
 * 1:37892 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:37891 <-> DISABLED <-> INDICATOR-OBFUSCATION DNS tunneling attempt (indicator-obfuscation.rules)
 * 1:37890 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSafe NMS arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:37889 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:37888 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (browser-ie.rules)
 * 1:37887 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37886 <-> DISABLED <-> OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (os-windows.rules)
 * 1:37885 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37884 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37883 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37882 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37881 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:37880 <-> DISABLED <-> POLICY-OTHER Symantec Workspace Streaming insecure java serialized data upload attempt (policy-other.rules)
 * 1:37879 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37878 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37877 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37876 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (file-image.rules)
 * 1:37875 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:37874 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)

Modified Rules:


 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24172 <-> DISABLED <-> SQL use of concat function with select - likely SQL injection (sql.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24284 <-> ENABLED <-> FILE-OFFICE Microsoft Office Drawing object code execution attempt (file-office.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24720 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP keypad button message denial of service attempt (protocol-voip.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25064 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:25137 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:25539 <-> ENABLED <-> EXPLOIT-KIT Red Dot java retrieval attempt (exploit-kit.rules)
 * 1:25680 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:25682 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:25764 <-> ENABLED <-> EXPLOIT-KIT Zuponcic exploit kit Oracle Java file download (exploit-kit.rules)
 * 1:25798 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (exploit-kit.rules)
 * 1:25801 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar file request (exploit-kit.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20835 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20834 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:19560 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18239 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt  (server-other.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16523 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:16373 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:13928 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23282 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (server-webapp.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:25804 <-> ENABLED <-> EXPLOIT-KIT Whitehole exploit kit malicious jar download attempt (exploit-kit.rules)
 * 1:26022 <-> DISABLED <-> FILE-PDF EmbeddedFile contained within a PDF (file-pdf.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26355 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26356 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26357 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26358 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26359 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26360 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26361 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26362 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26363 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26364 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26365 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26593 <-> DISABLED <-> SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (server-webapp.rules)
 * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:26950 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:27113 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (exploit-kit.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:27704 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27705 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27866 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page (exploit-kit.rules)
 * 1:27873 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit outbound payload download attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27877 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:27878 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (exploit-kit.rules)
 * 1:28109 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28111 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit post Java compromise download attempt (exploit-kit.rules)
 * 1:28196 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28197 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28198 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28199 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:28449 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit outbound connection attempt (exploit-kit.rules)
 * 1:28476 <-> ENABLED <-> EXPLOIT-KIT Neutrino exploit kit outbound request by Java - generic detection (exploit-kit.rules)
 * 1:28595 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit Oracle Java jar file retrieval (exploit-kit.rules)
 * 1:28611 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit outbound connection attempt (exploit-kit.rules)
 * 1:28615 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit exploit download attempt (exploit-kit.rules)
 * 1:28629 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:28630 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated script encoding detected (indicator-obfuscation.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:29003 <-> ENABLED <-> EXPLOIT-KIT SPL2 exploit kit jar exploit download (exploit-kit.rules)
 * 1:29129 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit jar exploit download - specific structure (exploit-kit.rules)
 * 1:29165 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound jar request (exploit-kit.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:29749 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:30002 <-> ENABLED <-> EXPLOIT-KIT Hello/LightsOut exploit kit Java download attempt (exploit-kit.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:30219 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound jar request (exploit-kit.rules)
 * 1:30767 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:30768 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (exploit-kit.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules)
 * 1:31232 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit outbound jar request (exploit-kit.rules)
 * 1:31277 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle Java outbound connection (exploit-kit.rules)
 * 1:31278 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Oracle java outbound connection (exploit-kit.rules)
 * 1:31299 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Necurs or Win.Trojan Locky variant outbound detection (malware-cnc.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (server-webapp.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:32203 <-> DISABLED <-> SERVER-WEBAPP PineApp Mail-SeCure ldapsyncnow.php command injection attempt (server-webapp.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:32355 <-> DISABLED <-> INDICATOR-OBFUSCATION Javascript variable obfuscation (indicator-obfuscation.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:32389 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32481 <-> DISABLED <-> POLICY-OTHER Remote non-JavaScript file found in script tag src attribute (policy-other.rules)
 * 1:32523 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32524 <-> DISABLED <-> BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (browser-other.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:32555 <-> ENABLED <-> EXPLOIT-KIT Hellspawn exploit kit outbound Oracle Java jar request (exploit-kit.rules)
 * 1:32710 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt (browser-ie.rules)
 * 1:32782 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32783 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32784 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32785 <-> ENABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32991 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:32992 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (server-other.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:33070 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33071 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33072 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33073 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33247 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string - PPKHandler - Win.Backdoor.Upatre (blacklist.rules)
 * 1:33569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:33570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade cipher suite attempt (server-other.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34332 <-> ENABLED <-> EXPLOIT-KIT Fiesta exploit kit Oracle Java exploit download (exploit-kit.rules)
 * 1:34727 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:34728 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (browser-ie.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:36036 <-> DISABLED <-> INDICATOR-OBFUSCATION Adobe Flash file with SecureSwfLoader packer detected (indicator-obfuscation.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:37715 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37716 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:37722 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37723 <-> ENABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:37728 <-> DISABLED <-> INDICATOR-OBFUSCATION SWF with large DefineBinaryData tag (indicator-obfuscation.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:5713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)