Talos has added and modified multiple rules in the file-executable, file-flash, file-image, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, malware-cnc, os-windows, protocol-other, protocol-scada, protocol-voip and server-webapp rule sets to provide coverage for emerging threats from these technologies.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:42925 <-> ENABLED <-> MALWARE-CNC Js.Keylogger.Scanbox outbound connection attempt (malware-cnc.rules)
* 1:42926 <-> ENABLED <-> MALWARE-CNC Js.Keylogger.Scanbox outbound connection attempt (malware-cnc.rules)
* 1:42927 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft Office with embedded EPS download attempt (indicator-compromise.rules)
* 1:42928 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft Office with embedded EPS download attempt (indicator-compromise.rules)
* 1:42929 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Niramdat variant initial outbound connection attempt (malware-cnc.rules)
* 1:42930 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (file-flash.rules)
* 1:42931 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (file-flash.rules)
* 1:42932 <-> DISABLED <-> FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (file-flash.rules)
* 1:42933 <-> DISABLED <-> FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (file-flash.rules)
* 1:42934 <-> DISABLED <-> PROTOCOL-SCADA GE Proficy Historian buffer overflow attempt (protocol-scada.rules)
* 1:42935 <-> DISABLED <-> FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (file-other.rules)
* 1:42936 <-> DISABLED <-> FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (file-other.rules)
* 1:42937 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42938 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42942 <-> ENABLED <-> FILE-PDF Adobe Reader XFA large array use after free attempt (file-pdf.rules)
* 1:42943 <-> ENABLED <-> FILE-PDF Adobe Reader XFA large array use after free attempt (file-pdf.rules)
* 1:42944 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB remote code execution attempt (os-windows.rules)
* 3:42941 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2017-0337 attack attempt (protocol-other.rules)
* 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
* 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
* 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (file-image.rules)
* 1:38835 <-> ENABLED <-> FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (file-flash.rules)
* 1:38836 <-> ENABLED <-> FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (file-flash.rules)
* 1:39273 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (file-flash.rules)
* 1:39274 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (file-flash.rules)
* 1:41978 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB remote code execution attempt (os-windows.rules)
* 1:42233 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mikcer variant outbound connection attempt (malware-cnc.rules)
* 1:42386 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mikcer variant outbound connection attempt (malware-cnc.rules)
* 3:41306 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0256 attack attempt (file-executable.rules)
* 3:41225 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0243 attack attempt (file-pdf.rules)
* 3:41224 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0243 attack attempt (file-pdf.rules)
* 3:32207 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:41223 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0230 attack attempt (server-webapp.rules)
* 3:41197 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0226 TALOS-2017-0289 attack attempt (file-pdf.rules)
* 3:41222 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0240 attack attempt (server-webapp.rules)
* 3:41097 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0238 attack attempt (server-other.rules)
* 3:41196 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0226 TALOS-2017-0289 attack attempt (file-pdf.rules)
* 3:35730 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
* 3:35729 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
* 3:35728 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
* 3:35722 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
* 3:35727 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
* 3:35721 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
* 3:33871 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence Video Communication Server authentication bypass attempt (server-webapp.rules)
* 3:32216 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32215 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:35834 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
* 3:35835 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
* 3:36214 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-CAN-0053 attack attempt (file-other.rules)
* 3:36215 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-CAN-0053 attack attempt (file-other.rules)
* 3:36218 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36219 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36220 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36221 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:38544 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-CAN-0121 attack attempt (server-other.rules)
* 3:39082 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
* 3:39083 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
* 3:39937 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
* 3:39938 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
* 3:40820 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0239 attack attempt (server-webapp.rules)
* 3:40821 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0241 attack attempt (server-webapp.rules)
* 3:40822 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0241 attack attempt (server-webapp.rules)
* 3:40880 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0237 attack attempt (server-webapp.rules)
* 3:40909 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0245 attack attempt (server-other.rules)
* 3:41309 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0247 attack attempt (file-other.rules)
* 3:40908 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0245 attack attempt (server-other.rules)
* 3:41363 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41312 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0246 attack attempt (file-executable.rules)
* 3:41369 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
* 3:41360 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41471 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0242 attack attempt (file-pdf.rules)
* 3:42432 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:41345 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0261 attack attempt (file-other.rules)
* 3:41352 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0232 attack attempt (server-webapp.rules)
* 3:41313 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0246 attack attempt (file-executable.rules)
* 3:41344 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0261 attack attempt (file-other.rules)
* 3:42433 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:41307 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0256 attack attempt (file-executable.rules)
* 3:41308 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0247 attack attempt (file-other.rules)
* 3:42434 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:41361 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:32208 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32209 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:41470 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0242 attack attempt (file-pdf.rules)
* 3:41362 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:32211 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32212 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32210 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32213 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32214 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:41368 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:42944 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB remote code execution attempt (os-windows.rules)
* 1:42943 <-> ENABLED <-> FILE-PDF Adobe Reader XFA large array use after free attempt (file-pdf.rules)
* 1:42942 <-> ENABLED <-> FILE-PDF Adobe Reader XFA large array use after free attempt (file-pdf.rules)
* 1:42940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42938 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42937 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (file-image.rules)
* 1:42936 <-> DISABLED <-> FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (file-other.rules)
* 1:42935 <-> DISABLED <-> FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (file-other.rules)
* 1:42934 <-> DISABLED <-> PROTOCOL-SCADA GE Proficy Historian buffer overflow attempt (protocol-scada.rules)
* 1:42933 <-> DISABLED <-> FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (file-flash.rules)
* 1:42932 <-> DISABLED <-> FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (file-flash.rules)
* 1:42931 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (file-flash.rules)
* 1:42930 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (file-flash.rules)
* 1:42929 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Niramdat variant initial outbound connection attempt (malware-cnc.rules)
* 1:42928 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft Office with embedded EPS download attempt (indicator-compromise.rules)
* 1:42927 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft Office with embedded EPS download attempt (indicator-compromise.rules)
* 1:42926 <-> ENABLED <-> MALWARE-CNC Js.Keylogger.Scanbox outbound connection attempt (malware-cnc.rules)
* 1:42925 <-> ENABLED <-> MALWARE-CNC Js.Keylogger.Scanbox outbound connection attempt (malware-cnc.rules)
* 3:42941 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2017-0337 attack attempt (protocol-other.rules)
* 1:42386 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mikcer variant outbound connection attempt (malware-cnc.rules)
* 1:41978 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB remote code execution attempt (os-windows.rules)
* 1:42233 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mikcer variant outbound connection attempt (malware-cnc.rules)
* 1:39273 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (file-flash.rules)
* 1:39274 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (file-flash.rules)
* 1:38835 <-> ENABLED <-> FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (file-flash.rules)
* 1:38836 <-> ENABLED <-> FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (file-flash.rules)
* 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (file-image.rules)
* 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
* 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
* 3:42434 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:42433 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:42432 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0328 attack attempt (server-webapp.rules)
* 3:41471 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0242 attack attempt (file-pdf.rules)
* 3:41470 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0242 attack attempt (file-pdf.rules)
* 3:41369 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
* 3:41368 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
* 3:41363 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41362 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41361 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41360 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
* 3:41352 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0232 attack attempt (server-webapp.rules)
* 3:41345 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0261 attack attempt (file-other.rules)
* 3:41344 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0261 attack attempt (file-other.rules)
* 3:41313 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0246 attack attempt (file-executable.rules)
* 3:41312 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0246 attack attempt (file-executable.rules)
* 3:41309 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0247 attack attempt (file-other.rules)
* 3:41308 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0247 attack attempt (file-other.rules)
* 3:41307 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0256 attack attempt (file-executable.rules)
* 3:41306 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2016-0256 attack attempt (file-executable.rules)
* 3:41225 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0243 attack attempt (file-pdf.rules)
* 3:41224 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0243 attack attempt (file-pdf.rules)
* 3:41223 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0230 attack attempt (server-webapp.rules)
* 3:41222 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0240 attack attempt (server-webapp.rules)
* 3:41197 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0226 TALOS-2017-0289 attack attempt (file-pdf.rules)
* 3:41196 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2016-0226 TALOS-2017-0289 attack attempt (file-pdf.rules)
* 3:41097 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0238 attack attempt (server-other.rules)
* 3:40909 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0245 attack attempt (server-other.rules)
* 3:40908 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0245 attack attempt (server-other.rules)
* 3:40880 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0237 attack attempt (server-webapp.rules)
* 3:40822 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0241 attack attempt (server-webapp.rules)
* 3:40821 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0241 attack attempt (server-webapp.rules)
* 3:40820 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2016-0239 attack attempt (server-webapp.rules)
* 3:39938 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
* 3:39937 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
* 3:39083 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
* 3:39082 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
* 3:38544 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-CAN-0121 attack attempt (server-other.rules)
* 3:36221 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36220 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36219 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36218 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
* 3:36215 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-CAN-0053 attack attempt (file-other.rules)
* 3:36214 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-CAN-0053 attack attempt (file-other.rules)
* 3:35835 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
* 3:35834 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
* 3:35730 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
* 3:35722 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
* 3:35729 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
* 3:35728 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
* 3:35727 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
* 3:35721 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
* 3:33871 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence Video Communication Server authentication bypass attempt (server-webapp.rules)
* 3:32216 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32207 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32208 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32215 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32209 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32214 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32213 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32212 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32211 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
* 3:32210 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)