Astaro.org

NO IPS update!?

2013-12-14

Hi!

i didn recive any update in last 2 months.

Snort update 2 / 7

New Rules 12-12-2013: Snort :: Changes 2013-12-12

* 1:28907 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28908 <-> ENABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules)

* 1:28905 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28906 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28903 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28904 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28902 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)

* 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)

* 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)

* 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)

* 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)

* 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)

* 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)

* 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)

* 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)

* 1:28912 <-> DISABLED <-> SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (server-webapp.rules)

* 1:28911 <-> ENABLED <-> EXPLOIT-KIT Neutrino exploit kit initial outbound request - generic detection (exploit-kit.rules)

* 1:28910 <-> DISABLED <-> SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (server-webapp.rules)

* 1:28909 <-> DISABLED <-> SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (server-webapp.rules)

Modified Rules:

* 1:28496 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createRange user after free attempt (browser-ie.rules)

* 1:28893 <-> DISABLED <-> BROWSER-OTHER known revoked certificate for Tresor CA (browser-other.rules)

* 1:20843 <-> ENABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)