The VRT has added and modified multiple rules in the browser-firefox, browser-ie, browser-plugins, file-flash, file-identify, file-image, file-multimedia, file-office, file-other, malware-cnc, protocol-dns, pua-adware, server-iis, server-mail, server-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2962.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:33580 <-> DISABLED <-> PUA-ADWARE SuperFish adware outbound connection attempt (pua-adware.rules) * 1:33568 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:33571 <-> DISABLED <-> FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (file-other.rules) * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules) * 1:33588 <-> DISABLED <-> FILE-OTHER Oracle Java WebStart JNLP stack buffer overflow attempt (file-other.rules) * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33565 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules) * 1:33567 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:33570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules) * 1:33578 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33572 <-> DISABLED <-> FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (file-other.rules) * 1:33583 <-> DISABLED <-> PROTOCOL-DNS ISC BIND recursive resolver resource consumption denial of service attempt (protocol-dns.rules) * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:33564 <-> DISABLED <-> SERVER-MAIL GNU Mailman date field buffer overflow attempt (server-mail.rules) * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules) * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules) * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (server-webapp.rules) * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules) * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules) * 1:33577 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 3:33587 <-> ENABLED <-> FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (file-office.rules)
* 1:15157 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules) * 1:15869 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:15882 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules) * 1:16332 <-> DISABLED <-> SERVER-OTHER Symantec System Center Alert Management System untrusted command execution attempt (server-other.rules) * 1:16376 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:18951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:20724 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules) * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules) * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules) * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules) * 1:20848 <-> ENABLED <-> FILE-IDENTIFY MAKI file attachment detected (file-identify.rules) * 1:20849 <-> ENABLED <-> FILE-IDENTIFY MAKI file attachment detected (file-identify.rules) * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules) * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules) * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules) * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules) * 1:20856 <-> ENABLED <-> FILE-IDENTIFY TwinVQ file attachment detected (file-identify.rules) * 1:20857 <-> ENABLED <-> FILE-IDENTIFY TwinVQ file attachment detected (file-identify.rules) * 1:20893 <-> ENABLED <-> FILE-IDENTIFY Video Spirit file attachment detected (file-identify.rules) * 1:20894 <-> ENABLED <-> FILE-IDENTIFY Video Spirit file attachment detected (file-identify.rules) * 1:20895 <-> ENABLED <-> FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (file-identify.rules) * 1:20896 <-> ENABLED <-> FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (file-identify.rules) * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules) * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules) * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules) * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules) * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules) * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules) * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules) * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules) * 1:20911 <-> ENABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules) * 1:20912 <-> ENABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules) * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules) * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules) * 1:20915 <-> ENABLED <-> FILE-IDENTIFY caff file attachment detected (file-identify.rules) * 1:20916 <-> ENABLED <-> FILE-IDENTIFY caff file attachment detected (file-identify.rules) * 1:20917 <-> ENABLED <-> FILE-IDENTIFY BAK file attachment detected (file-identify.rules) * 1:20918 <-> ENABLED <-> FILE-IDENTIFY BAK file attachment detected (file-identify.rules) * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules) * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules) * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules) * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules) * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules) * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules) * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules) * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules) * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules) * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules) * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules) * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules) * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules) * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules) * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules) * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules) * 1:21002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:21009 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file attachment detected (file-identify.rules) * 1:21010 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file attachment detected (file-identify.rules) * 1:21013 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules) * 1:21014 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules) * 1:21016 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cyb file attachment detected (file-identify.rules) * 1:21017 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file attachment detected (file-identify.rules) * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules) * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules) * 1:21053 <-> ENABLED <-> FILE-IDENTIFY UltraISO CUE file attachment detected (file-identify.rules) * 1:21054 <-> ENABLED <-> FILE-IDENTIFY UltraISO CUE file attachment detected (file-identify.rules) * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules) * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules) * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules) * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules) * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules) * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules) * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules) * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules) * 1:21295 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules) * 1:21296 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules) * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules) * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules) * 1:21432 <-> ENABLED <-> FILE-IDENTIFY MPPL file attachment detected (file-identify.rules) * 1:21433 <-> ENABLED <-> FILE-IDENTIFY MPPL file attachment detected (file-identify.rules) * 1:21478 <-> ENABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules) * 1:21479 <-> ENABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules) * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules) * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules) * 1:21574 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (file-identify.rules) * 1:21575 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (file-identify.rules) * 1:21585 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules) * 1:21586 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules) * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules) * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules) * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules) * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules) * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules) * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules) * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules) * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules) * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules) * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules) * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules) * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules) * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules) * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules) * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules) * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules) * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules) * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules) * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules) * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules) * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules) * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules) * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules) * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules) * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules) * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules) * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules) * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules) * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules) * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules) * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules) * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules) * 1:21707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:21708 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules) * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules) * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules) * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules) * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules) * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules) * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules) * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules) * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules) * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules) * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules) * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules) * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules) * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules) * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules) * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules) * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules) * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules) * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules) * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules) * 1:21803 <-> ENABLED <-> FILE-IDENTIFY HT-MP3Player file attachment detected (file-identify.rules) * 1:21804 <-> ENABLED <-> FILE-IDENTIFY HT-MP3Player file attachment detected (file-identify.rules) * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules) * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules) * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules) * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules) * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules) * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules) * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules) * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules) * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules) * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules) * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules) * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules) * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules) * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules) * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules) * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules) * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules) * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules) * 1:21879 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file attachment detected (file-identify.rules) * 1:21880 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file attachment detected (file-identify.rules) * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules) * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules) * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules) * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules) * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules) * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules) * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules) * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules) * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules) * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules) * 1:21948 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:21956 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows hlp file attachment detected (file-identify.rules) * 1:21957 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows hlp file attachment detected (file-identify.rules) * 1:22014 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (file-identify.rules) * 1:22015 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (file-identify.rules) * 1:22018 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (file-identify.rules) * 1:22019 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (file-identify.rules) * 1:22022 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (file-identify.rules) * 1:22023 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (file-identify.rules) * 1:22026 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules) * 1:22027 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules) * 1:22044 <-> ENABLED <-> FILE-IDENTIFY XM file attachment detected (file-identify.rules) * 1:22045 <-> ENABLED <-> FILE-IDENTIFY XM file attachment detected (file-identify.rules) * 1:22083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules) * 1:22084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules) * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules) * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules) * 1:22955 <-> ENABLED <-> FILE-IDENTIFY AMF file attachment detected (file-identify.rules) * 1:22956 <-> ENABLED <-> FILE-IDENTIFY AMF file attachment detected (file-identify.rules) * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules) * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules) * 1:22963 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules) * 1:22964 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules) * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules) * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules) * 1:22967 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RP file attachment detected (file-identify.rules) * 1:22968 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RP file attachment detected (file-identify.rules) * 1:22969 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file attachment detected (file-identify.rules) * 1:22970 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file attachment detected (file-identify.rules) * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules) * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules) * 1:22973 <-> ENABLED <-> FILE-IDENTIFY M4A file attachment detected (file-identify.rules) * 1:22974 <-> ENABLED <-> FILE-IDENTIFY M4A file attachment detected (file-identify.rules) * 1:22975 <-> ENABLED <-> FILE-IDENTIFY M4P file attachment detected (file-identify.rules) * 1:22976 <-> ENABLED <-> FILE-IDENTIFY M4P file attachment detected (file-identify.rules) * 1:22977 <-> ENABLED <-> FILE-IDENTIFY M4R file attachment detected (file-identify.rules) * 1:22978 <-> ENABLED <-> FILE-IDENTIFY M4R file attachment detected (file-identify.rules) * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules) * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules) * 1:22981 <-> ENABLED <-> FILE-IDENTIFY M4B file attachment detected (file-identify.rules) * 1:22982 <-> ENABLED <-> FILE-IDENTIFY M4B file attachment detected (file-identify.rules) * 1:22983 <-> ENABLED <-> FILE-IDENTIFY 3GP file attachment detected (file-identify.rules) * 1:22984 <-> ENABLED <-> FILE-IDENTIFY 3GP file attachment detected (file-identify.rules) * 1:22985 <-> ENABLED <-> FILE-IDENTIFY 3G2 file attachment detected (file-identify.rules) * 1:22986 <-> ENABLED <-> FILE-IDENTIFY 3G2 file attachment detected (file-identify.rules) * 1:22987 <-> ENABLED <-> FILE-IDENTIFY k3g file attachment detected (file-identify.rules) * 1:22988 <-> ENABLED <-> FILE-IDENTIFY k3g file attachment detected (file-identify.rules) * 1:22989 <-> ENABLED <-> FILE-IDENTIFY SKM file attachment detected (file-identify.rules) * 1:22990 <-> ENABLED <-> FILE-IDENTIFY SKM file attachment detected (file-identify.rules) * 1:22991 <-> ENABLED <-> FILE-IDENTIFY QT file attachment detected (file-identify.rules) * 1:22992 <-> ENABLED <-> FILE-IDENTIFY QT file attachment detected (file-identify.rules) * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules) * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules) * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules) * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules) * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules) * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules) * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules) * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules) * 1:23002 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules) * 1:23003 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules) * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules) * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules) * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules) * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules) * 1:23188 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23189 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23320 <-> ENABLED <-> FILE-IDENTIFY TAR file attachment detected (file-identify.rules) * 1:23321 <-> ENABLED <-> FILE-IDENTIFY TAR file attachment detected (file-identify.rules) * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules) * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules) * 1:23475 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules) * 1:23476 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules) * 1:23487 <-> ENABLED <-> FILE-IDENTIFY JOB file attachment detected (file-identify.rules) * 1:23488 <-> ENABLED <-> FILE-IDENTIFY JOB file attachment detected (file-identify.rules) * 1:23497 <-> ENABLED <-> FILE-IDENTIFY CUR file attachment detected (file-identify.rules) * 1:23498 <-> ENABLED <-> FILE-IDENTIFY CUR file attachment detected (file-identify.rules) * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules) * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules) * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:24046 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wsz file attachment detected (file-identify.rules) * 1:24047 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wsz file attachment detected (file-identify.rules) * 1:24049 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wal file attachment detected (file-identify.rules) * 1:24050 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wal file attachment detected (file-identify.rules) * 1:24072 <-> ENABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules) * 1:24073 <-> ENABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules) * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules) * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules) * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules) * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules) * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules) * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules) * 1:24157 <-> ENABLED <-> FILE-IDENTIFY .rtx file attachment detected (file-identify.rules) * 1:24158 <-> ENABLED <-> FILE-IDENTIFY .rtx file attachment detected (file-identify.rules) * 1:24453 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules) * 1:24454 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules) * 1:24460 <-> ENABLED <-> FILE-IDENTIFY PSD file attachment detected (file-identify.rules) * 1:24461 <-> ENABLED <-> FILE-IDENTIFY PSD file attachment detected (file-identify.rules) * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules) * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules) * 1:24468 <-> ENABLED <-> FILE-IDENTIFY XCF file attachment detected (file-identify.rules) * 1:24469 <-> ENABLED <-> FILE-IDENTIFY XCF file attachment detected (file-identify.rules) * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules) * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules) * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules) * 1:974 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS directory traversal attempt (server-iis.rules) * 1:33563 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document with embedded networking script (file-office.rules) * 1:33562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document with embedded networking script (file-office.rules) * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules) * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules) * 1:32946 <-> ENABLED <-> FILE-IDENTIFY .scr executable screensaver file attachment detected (file-identify.rules) * 1:32945 <-> ENABLED <-> FILE-IDENTIFY .scr executable screensaver file attachment detected (file-identify.rules) * 1:32763 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (browser-ie.rules) * 1:32762 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (browser-ie.rules) * 1:32617 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Registry file attachment detected (file-identify.rules) * 1:32616 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Registry file attachment detected (file-identify.rules) * 1:32435 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (file-office.rules) * 1:32434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (file-office.rules) * 1:32433 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (file-office.rules) * 1:32432 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (file-office.rules) * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules) * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules) * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules) * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules) * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules) * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules) * 1:31868 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31867 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31866 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31865 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31717 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SoftPulse variant outbound connection attempt (malware-cnc.rules) * 1:30759 <-> ENABLED <-> FILE-IDENTIFY ABC Music Notation file attachment detected (file-identify.rules) * 1:30758 <-> ENABLED <-> FILE-IDENTIFY ABC Music Notation file attachment detected (file-identify.rules) * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules) * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules) * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules) * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules) * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules) * 1:29714 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules) * 1:29713 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules) * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules) * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules) * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules) * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules) * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules) * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules) * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules) * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules) * 1:29007 <-> ENABLED <-> FILE-IDENTIFY XWD image file attachment detected (file-identify.rules) * 1:29006 <-> ENABLED <-> FILE-IDENTIFY XWD image file attachment detected (file-identify.rules) * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules) * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules) * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules) * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules) * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules) * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules) * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules) * 1:28572 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules) * 1:28571 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules) * 1:28508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Write file download file attachment detected (file-identify.rules) * 1:28507 <-> ENABLED <-> FILE-IDENTIFY Microsoft Write file download file attachment detected (file-identify.rules) * 1:28383 <-> ENABLED <-> FILE-IDENTIFY HTML Help Index download file attachment detected (file-identify.rules) * 1:28384 <-> ENABLED <-> FILE-IDENTIFY HTML Help Index download file attachment detected (file-identify.rules) * 1:28370 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules) * 1:28369 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules) * 1:28353 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:28352 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:27530 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27529 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27528 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules) * 1:27527 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27525 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules) * 1:27526 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27276 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules) * 1:27275 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules) * 1:26904 <-> ENABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules) * 1:26903 <-> ENABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules) * 1:26516 <-> ENABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules) * 1:26515 <-> ENABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules) * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules) * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules) * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules) * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules) * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules) * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules) * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules) * 1:26423 <-> ENABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules) * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules) * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules) * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules) * 1:26422 <-> ENABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules) * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules) * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules) * 1:25374 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (file-identify.rules) * 1:25375 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (file-identify.rules) * 1:26208 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules) * 1:25605 <-> ENABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules) * 1:25606 <-> ENABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules) * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules) * 1:25929 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:26207 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules) * 1:25930 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25932 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25933 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25935 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:26128 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Explorer HTML Component file attachment detected (file-identify.rules) * 1:25936 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25938 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25939 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25941 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:26127 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Explorer HTML Component file attachment detected (file-identify.rules) * 1:25942 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25944 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules) * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules) * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules) * 1:26062 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules) * 1:26061 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:25945 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 3:19187 <-> ENABLED <-> PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt (protocol-dns.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2970.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:33588 <-> DISABLED <-> FILE-OTHER Oracle Java WebStart JNLP stack buffer overflow attempt (file-other.rules) * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules) * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:33583 <-> DISABLED <-> PROTOCOL-DNS ISC BIND recursive resolver resource consumption denial of service attempt (protocol-dns.rules) * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules) * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (server-webapp.rules) * 1:33580 <-> DISABLED <-> PUA-ADWARE SuperFish adware outbound connection attempt (pua-adware.rules) * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules) * 1:33578 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33577 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules) * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules) * 1:33572 <-> DISABLED <-> FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (file-other.rules) * 1:33571 <-> DISABLED <-> FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (file-other.rules) * 1:33570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:33569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:33568 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:33567 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules) * 1:33565 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules) * 1:33564 <-> DISABLED <-> SERVER-MAIL GNU Mailman date field buffer overflow attempt (server-mail.rules) * 3:33587 <-> ENABLED <-> FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (file-office.rules)
* 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules) * 1:24073 <-> ENABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules) * 1:24072 <-> ENABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules) * 1:24050 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wal file attachment detected (file-identify.rules) * 1:24049 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wal file attachment detected (file-identify.rules) * 1:24047 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wsz file attachment detected (file-identify.rules) * 1:24046 <-> ENABLED <-> FILE-IDENTIFY Winamp skin file wsz file attachment detected (file-identify.rules) * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:974 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS directory traversal attempt (server-iis.rules) * 1:33563 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document with embedded networking script (file-office.rules) * 1:33562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document with embedded networking script (file-office.rules) * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules) * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules) * 1:32946 <-> ENABLED <-> FILE-IDENTIFY .scr executable screensaver file attachment detected (file-identify.rules) * 1:32945 <-> ENABLED <-> FILE-IDENTIFY .scr executable screensaver file attachment detected (file-identify.rules) * 1:32763 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (browser-ie.rules) * 1:32762 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (browser-ie.rules) * 1:32617 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Registry file attachment detected (file-identify.rules) * 1:32616 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Registry file attachment detected (file-identify.rules) * 1:32435 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (file-office.rules) * 1:32434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (file-office.rules) * 1:32433 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (file-office.rules) * 1:32432 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (file-office.rules) * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules) * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules) * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules) * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules) * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules) * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules) * 1:31868 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31867 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31866 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31865 <-> ENABLED <-> FILE-IDENTIFY JPEG file attachment detected (file-identify.rules) * 1:31717 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SoftPulse variant outbound connection attempt (malware-cnc.rules) * 1:30759 <-> ENABLED <-> FILE-IDENTIFY ABC Music Notation file attachment detected (file-identify.rules) * 1:30758 <-> ENABLED <-> FILE-IDENTIFY ABC Music Notation file attachment detected (file-identify.rules) * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules) * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules) * 1:29714 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules) * 1:29713 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules) * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules) * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules) * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules) * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules) * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules) * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules) * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules) * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules) * 1:29007 <-> ENABLED <-> FILE-IDENTIFY XWD image file attachment detected (file-identify.rules) * 1:29006 <-> ENABLED <-> FILE-IDENTIFY XWD image file attachment detected (file-identify.rules) * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules) * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules) * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules) * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules) * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules) * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules) * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules) * 1:28572 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules) * 1:28571 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules) * 1:28508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Write file download file attachment detected (file-identify.rules) * 1:28507 <-> ENABLED <-> FILE-IDENTIFY Microsoft Write file download file attachment detected (file-identify.rules) * 1:28384 <-> ENABLED <-> FILE-IDENTIFY HTML Help Index download file attachment detected (file-identify.rules) * 1:28383 <-> ENABLED <-> FILE-IDENTIFY HTML Help Index download file attachment detected (file-identify.rules) * 1:28370 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules) * 1:28369 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules) * 1:28353 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:28352 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:27530 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27529 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27528 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules) * 1:27527 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27526 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules) * 1:27525 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules) * 1:27276 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules) * 1:27275 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules) * 1:26904 <-> ENABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules) * 1:26903 <-> ENABLED <-> FILE-IDENTIFY Android APK download file attachment detected (file-identify.rules) * 1:26516 <-> ENABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules) * 1:26515 <-> ENABLED <-> FILE-IDENTIFY maplet file attachment detected (file-identify.rules) * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules) * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules) * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules) * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules) * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules) * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules) * 1:26423 <-> ENABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules) * 1:26422 <-> ENABLED <-> FILE-IDENTIFY Metalink File file attachment detected (file-identify.rules) * 1:26208 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules) * 1:26207 <-> ENABLED <-> FILE-IDENTIFY CyberLink Power2Go file attachment detected (file-identify.rules) * 1:26128 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Explorer HTML Component file attachment detected (file-identify.rules) * 1:26127 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Explorer HTML Component file attachment detected (file-identify.rules) * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules) * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules) * 1:26062 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:26061 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:25945 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25944 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25942 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25941 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25939 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25938 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25936 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25935 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25933 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25932 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25930 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25929 <-> ENABLED <-> FILE-IDENTIFY Ogg file attachment detected (file-identify.rules) * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules) * 1:25606 <-> ENABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules) * 1:25605 <-> ENABLED <-> FILE-IDENTIFY Csound audio file file attachment detected (file-identify.rules) * 1:25375 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (file-identify.rules) * 1:25374 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (file-identify.rules) * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules) * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules) * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules) * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules) * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules) * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules) * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules) * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules) * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules) * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules) * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules) * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules) * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules) * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules) * 1:24469 <-> ENABLED <-> FILE-IDENTIFY XCF file attachment detected (file-identify.rules) * 1:24468 <-> ENABLED <-> FILE-IDENTIFY XCF file attachment detected (file-identify.rules) * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules) * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules) * 1:24461 <-> ENABLED <-> FILE-IDENTIFY PSD file attachment detected (file-identify.rules) * 1:24460 <-> ENABLED <-> FILE-IDENTIFY PSD file attachment detected (file-identify.rules) * 1:24454 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules) * 1:24453 <-> ENABLED <-> FILE-IDENTIFY Webm file attachment detected (file-identify.rules) * 1:24158 <-> ENABLED <-> FILE-IDENTIFY .rtx file attachment detected (file-identify.rules) * 1:24157 <-> ENABLED <-> FILE-IDENTIFY .rtx file attachment detected (file-identify.rules) * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules) * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules) * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules) * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules) * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules) * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules) * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules) * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules) * 1:23498 <-> ENABLED <-> FILE-IDENTIFY CUR file attachment detected (file-identify.rules) * 1:23497 <-> ENABLED <-> FILE-IDENTIFY CUR file attachment detected (file-identify.rules) * 1:23488 <-> ENABLED <-> FILE-IDENTIFY JOB file attachment detected (file-identify.rules) * 1:23487 <-> ENABLED <-> FILE-IDENTIFY JOB file attachment detected (file-identify.rules) * 1:23476 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules) * 1:23475 <-> ENABLED <-> FILE-IDENTIFY PLP file attachment detected (file-identify.rules) * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules) * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules) * 1:23321 <-> ENABLED <-> FILE-IDENTIFY TAR file attachment detected (file-identify.rules) * 1:23320 <-> ENABLED <-> FILE-IDENTIFY TAR file attachment detected (file-identify.rules) * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23189 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23188 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules) * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules) * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules) * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules) * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules) * 1:23003 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules) * 1:23002 <-> ENABLED <-> FILE-IDENTIFY CSV file attachment detected (file-identify.rules) * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules) * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules) * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules) * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules) * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules) * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules) * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules) * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules) * 1:22992 <-> ENABLED <-> FILE-IDENTIFY QT file attachment detected (file-identify.rules) * 1:22991 <-> ENABLED <-> FILE-IDENTIFY QT file attachment detected (file-identify.rules) * 1:22990 <-> ENABLED <-> FILE-IDENTIFY SKM file attachment detected (file-identify.rules) * 1:22989 <-> ENABLED <-> FILE-IDENTIFY SKM file attachment detected (file-identify.rules) * 1:22988 <-> ENABLED <-> FILE-IDENTIFY k3g file attachment detected (file-identify.rules) * 1:22987 <-> ENABLED <-> FILE-IDENTIFY k3g file attachment detected (file-identify.rules) * 1:22986 <-> ENABLED <-> FILE-IDENTIFY 3G2 file attachment detected (file-identify.rules) * 1:22985 <-> ENABLED <-> FILE-IDENTIFY 3G2 file attachment detected (file-identify.rules) * 1:22984 <-> ENABLED <-> FILE-IDENTIFY 3GP file attachment detected (file-identify.rules) * 1:22983 <-> ENABLED <-> FILE-IDENTIFY 3GP file attachment detected (file-identify.rules) * 1:22982 <-> ENABLED <-> FILE-IDENTIFY M4B file attachment detected (file-identify.rules) * 1:22981 <-> ENABLED <-> FILE-IDENTIFY M4B file attachment detected (file-identify.rules) * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules) * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules) * 1:22978 <-> ENABLED <-> FILE-IDENTIFY M4R file attachment detected (file-identify.rules) * 1:22977 <-> ENABLED <-> FILE-IDENTIFY M4R file attachment detected (file-identify.rules) * 1:22976 <-> ENABLED <-> FILE-IDENTIFY M4P file attachment detected (file-identify.rules) * 1:22975 <-> ENABLED <-> FILE-IDENTIFY M4P file attachment detected (file-identify.rules) * 1:22974 <-> ENABLED <-> FILE-IDENTIFY M4A file attachment detected (file-identify.rules) * 1:22973 <-> ENABLED <-> FILE-IDENTIFY M4A file attachment detected (file-identify.rules) * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules) * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules) * 1:22970 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file attachment detected (file-identify.rules) * 1:22969 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file attachment detected (file-identify.rules) * 1:22968 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RP file attachment detected (file-identify.rules) * 1:22967 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RP file attachment detected (file-identify.rules) * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules) * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules) * 1:22964 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules) * 1:22963 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules) * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules) * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules) * 1:22956 <-> ENABLED <-> FILE-IDENTIFY AMF file attachment detected (file-identify.rules) * 1:22955 <-> ENABLED <-> FILE-IDENTIFY AMF file attachment detected (file-identify.rules) * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules) * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules) * 1:22084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules) * 1:22083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (file-identify.rules) * 1:22045 <-> ENABLED <-> FILE-IDENTIFY XM file attachment detected (file-identify.rules) * 1:22044 <-> ENABLED <-> FILE-IDENTIFY XM file attachment detected (file-identify.rules) * 1:22027 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules) * 1:22026 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (file-identify.rules) * 1:22023 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (file-identify.rules) * 1:22022 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (file-identify.rules) * 1:22019 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (file-identify.rules) * 1:22018 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (file-identify.rules) * 1:22015 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (file-identify.rules) * 1:22014 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (file-identify.rules) * 1:21957 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows hlp file attachment detected (file-identify.rules) * 1:21956 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows hlp file attachment detected (file-identify.rules) * 1:21948 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules) * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules) * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules) * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules) * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules) * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules) * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules) * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules) * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules) * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules) * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules) * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules) * 1:21880 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file attachment detected (file-identify.rules) * 1:21879 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file attachment detected (file-identify.rules) * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules) * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules) * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules) * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules) * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules) * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules) * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules) * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules) * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules) * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules) * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules) * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules) * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules) * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules) * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules) * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules) * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules) * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules) * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules) * 1:21804 <-> ENABLED <-> FILE-IDENTIFY HT-MP3Player file attachment detected (file-identify.rules) * 1:21803 <-> ENABLED <-> FILE-IDENTIFY HT-MP3Player file attachment detected (file-identify.rules) * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules) * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules) * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules) * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules) * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules) * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules) * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules) * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules) * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules) * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules) * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules) * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules) * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules) * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules) * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules) * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules) * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules) * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules) * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules) * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules) * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules) * 1:21708 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:21707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules) * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules) * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules) * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules) * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules) * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules) * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules) * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules) * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules) * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules) * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules) * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules) * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules) * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules) * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules) * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules) * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules) * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules) * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules) * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules) * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules) * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules) * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules) * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules) * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules) * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules) * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules) * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules) * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules) * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules) * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules) * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules) * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules) * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules) * 1:21586 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules) * 1:21585 <-> ENABLED <-> FILE-IDENTIFY VisiWave VWR file attachment detected (file-identify.rules) * 1:21575 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (file-identify.rules) * 1:21574 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (file-identify.rules) * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules) * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules) * 1:21479 <-> ENABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules) * 1:21478 <-> ENABLED <-> FILE-IDENTIFY CHM file attachment detected (file-identify.rules) * 1:21433 <-> ENABLED <-> FILE-IDENTIFY MPPL file attachment detected (file-identify.rules) * 1:21432 <-> ENABLED <-> FILE-IDENTIFY MPPL file attachment detected (file-identify.rules) * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules) * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules) * 1:21296 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules) * 1:21295 <-> ENABLED <-> FILE-IDENTIFY FON file attachment detected (file-identify.rules) * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules) * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules) * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules) * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules) * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules) * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules) * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules) * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules) * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules) * 1:21054 <-> ENABLED <-> FILE-IDENTIFY UltraISO CUE file attachment detected (file-identify.rules) * 1:21053 <-> ENABLED <-> FILE-IDENTIFY UltraISO CUE file attachment detected (file-identify.rules) * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules) * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules) * 1:21017 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file attachment detected (file-identify.rules) * 1:21016 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cyb file attachment detected (file-identify.rules) * 1:21014 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules) * 1:21013 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules) * 1:21010 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file attachment detected (file-identify.rules) * 1:21009 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file attachment detected (file-identify.rules) * 1:21002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules) * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules) * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules) * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules) * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules) * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules) * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules) * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules) * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules) * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules) * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules) * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules) * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules) * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules) * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules) * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules) * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules) * 1:20918 <-> ENABLED <-> FILE-IDENTIFY BAK file attachment detected (file-identify.rules) * 1:20917 <-> ENABLED <-> FILE-IDENTIFY BAK file attachment detected (file-identify.rules) * 1:20916 <-> ENABLED <-> FILE-IDENTIFY caff file attachment detected (file-identify.rules) * 1:20915 <-> ENABLED <-> FILE-IDENTIFY caff file attachment detected (file-identify.rules) * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules) * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules) * 1:20912 <-> ENABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules) * 1:20911 <-> ENABLED <-> FILE-IDENTIFY EPS file attachment detected (file-identify.rules) * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules) * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules) * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules) * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules) * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules) * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules) * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules) * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules) * 1:20896 <-> ENABLED <-> FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (file-identify.rules) * 1:20895 <-> ENABLED <-> FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (file-identify.rules) * 1:20894 <-> ENABLED <-> FILE-IDENTIFY Video Spirit file attachment detected (file-identify.rules) * 1:20893 <-> ENABLED <-> FILE-IDENTIFY Video Spirit file attachment detected (file-identify.rules) * 1:20857 <-> ENABLED <-> FILE-IDENTIFY TwinVQ file attachment detected (file-identify.rules) * 1:20856 <-> ENABLED <-> FILE-IDENTIFY TwinVQ file attachment detected (file-identify.rules) * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules) * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules) * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules) * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules) * 1:20849 <-> ENABLED <-> FILE-IDENTIFY MAKI file attachment detected (file-identify.rules) * 1:20848 <-> ENABLED <-> FILE-IDENTIFY MAKI file attachment detected (file-identify.rules) * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules) * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules) * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules) * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules) * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules) * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules) * 1:20724 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules) * 1:18951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:16376 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules) * 1:16332 <-> DISABLED <-> SERVER-OTHER Symantec System Center Alert Management System untrusted command execution attempt (server-other.rules) * 1:15882 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules) * 1:15869 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules) * 1:15157 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules) * 3:19187 <-> ENABLED <-> PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt (protocol-dns.rules)
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
