*********************** snort-2.8.6 open *********************** [***] Results from Oinkmaster started Mon Jun 12 17:03:58 2017 [***] [+++] Added rules: [+++] 2024376 - ET EXPLOIT Win32/Industroyer DDOS Siemens SIPROTEC (CVE-2015-5374) (emerging-exploit.rules) 2024377 - ET CURRENT_EVENTS Generic Credit Card Information in HTTP POST - Possible Successful Phish Jun 12 2017 (emerging-current_events.rules) 2405061 - ET CNC Shadowserver Reported CnC Server Port 19899 Group 1 (emerging-botcc.portgrouped.rules) 2405062 - ET CNC Shadowserver Reported CnC Server Port 21333 Group 1 (emerging-botcc.portgrouped.rules) 2405063 - ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 (emerging-botcc.portgrouped.rules) [///] Modified active rules: [///] 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound group 1 (emerging-drop.rules) 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound group 2 (emerging-drop.rules) 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound group 3 (emerging-drop.rules) 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound group 4 (emerging-drop.rules) 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound group 5 (emerging-drop.rules) 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound group 6 (emerging-drop.rules) 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound group 7 (emerging-drop.rules) 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound group 8 (emerging-drop.rules) 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound group 9 (emerging-drop.rules) 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound group 10 (emerging-drop.rules) 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound group 11 (emerging-drop.rules) 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound group 12 (emerging-drop.rules) 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound group 13 (emerging-drop.rules) 2400013 - ET DROP Spamhaus DROP Listed Traffic Inbound group 14 (emerging-drop.rules) 2400014 - ET DROP Spamhaus DROP Listed Traffic Inbound group 15 (emerging-drop.rules) 2400015 - ET DROP Spamhaus DROP Listed Traffic Inbound group 16 (emerging-drop.rules) 2400016 - ET DROP Spamhaus DROP Listed Traffic Inbound group 17 (emerging-drop.rules) 2400017 - ET DROP Spamhaus DROP Listed Traffic Inbound group 18 (emerging-drop.rules) 2400018 - ET DROP Spamhaus DROP Listed Traffic Inbound group 19 (emerging-drop.rules) 2400019 - ET DROP Spamhaus DROP Listed Traffic Inbound group 20 (emerging-drop.rules) 2400020 - ET DROP Spamhaus DROP Listed Traffic Inbound group 21 (emerging-drop.rules) 2400021 - ET DROP Spamhaus DROP Listed Traffic Inbound group 22 (emerging-drop.rules) 2400022 - ET DROP Spamhaus DROP Listed Traffic Inbound group 23 (emerging-drop.rules) 2400023 - ET DROP Spamhaus DROP Listed Traffic Inbound group 24 (emerging-drop.rules) 2400024 - ET DROP Spamhaus DROP Listed Traffic Inbound group 25 (emerging-drop.rules) 2400025 - ET DROP Spamhaus DROP Listed Traffic Inbound group 26 (emerging-drop.rules) 2400026 - ET DROP Spamhaus DROP Listed Traffic Inbound group 27 (emerging-drop.rules) 2400027 - ET DROP Spamhaus DROP Listed Traffic Inbound group 28 (emerging-drop.rules) 2400028 - ET DROP Spamhaus DROP Listed Traffic Inbound group 29 (emerging-drop.rules) 2400029 - ET DROP Spamhaus DROP Listed Traffic Inbound group 30 (emerging-drop.rules) 2400030 - ET DROP Spamhaus DROP Listed Traffic Inbound group 31 (emerging-drop.rules) 2400031 - ET DROP Spamhaus DROP Listed Traffic Inbound group 32 (emerging-drop.rules) 2400032 - ET DROP Spamhaus DROP Listed Traffic Inbound group 33 (emerging-drop.rules) 2400033 - ET DROP Spamhaus DROP Listed Traffic Inbound group 34 (emerging-drop.rules) 2402000 - ET DROP Dshield Block Listed Source group 1 (emerging-dshield.rules) 2402001 - ET DROP Dshield Block Listed Source group 1 (emerging-dshield.rules) 2403300 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 1 (emerging-ciarmy.rules) 2403301 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 1 (emerging-ciarmy.rules) 2403302 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 (emerging-ciarmy.rules) 2403303 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 2 (emerging-ciarmy.rules) 2403304 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 (emerging-ciarmy.rules) 2403305 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 3 (emerging-ciarmy.rules) 2403306 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 4 (emerging-ciarmy.rules) 2403307 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 4 (emerging-ciarmy.rules) 2403308 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 5 (emerging-ciarmy.rules) 2403309 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 5 (emerging-ciarmy.rules) 2403310 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 6 (emerging-ciarmy.rules) 2403311 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 6 (emerging-ciarmy.rules) 2403312 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 7 (emerging-ciarmy.rules) 2403313 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 7 (emerging-ciarmy.rules) 2403314 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 8 (emerging-ciarmy.rules) 2403315 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 8 (emerging-ciarmy.rules) 2403316 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 9 (emerging-ciarmy.rules) 2403317 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 9 (emerging-ciarmy.rules) 2403318 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 10 (emerging-ciarmy.rules) 2403319 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 10 (emerging-ciarmy.rules) 2403320 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 11 (emerging-ciarmy.rules) 2403321 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 11 (emerging-ciarmy.rules) 2403322 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 12 (emerging-ciarmy.rules) 2403323 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 12 (emerging-ciarmy.rules) 2403324 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 13 (emerging-ciarmy.rules) 2403325 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 13 (emerging-ciarmy.rules) 2403326 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 14 (emerging-ciarmy.rules) 2403327 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 14 (emerging-ciarmy.rules) 2403328 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 15 (emerging-ciarmy.rules) 2403329 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 15 (emerging-ciarmy.rules) 2403330 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 16 (emerging-ciarmy.rules) 2403331 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 16 (emerging-ciarmy.rules) 2403332 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 17 (emerging-ciarmy.rules) 2403333 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 17 (emerging-ciarmy.rules) 2403334 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 18 (emerging-ciarmy.rules) 2403335 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 (emerging-ciarmy.rules) 2403336 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 19 (emerging-ciarmy.rules) 2403337 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 19 (emerging-ciarmy.rules) 2403338 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 20 (emerging-ciarmy.rules) 2403339 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 20 (emerging-ciarmy.rules) 2403340 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 21 (emerging-ciarmy.rules) 2403341 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 21 (emerging-ciarmy.rules) 2403342 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 22 (emerging-ciarmy.rules) 2403343 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 22 (emerging-ciarmy.rules) 2403344 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 23 (emerging-ciarmy.rules) 2403345 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 23 (emerging-ciarmy.rules) 2403346 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 (emerging-ciarmy.rules) 2403347 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 24 (emerging-ciarmy.rules) 2403348 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 25 (emerging-ciarmy.rules) 2403349 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 25 (emerging-ciarmy.rules) 2403350 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 (emerging-ciarmy.rules) 2403351 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 (emerging-ciarmy.rules) 2403352 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 27 (emerging-ciarmy.rules) 2403353 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 27 (emerging-ciarmy.rules) 2403354 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 28 (emerging-ciarmy.rules) 2403355 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 28 (emerging-ciarmy.rules) 2403356 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 29 (emerging-ciarmy.rules) 2403357 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 29 (emerging-ciarmy.rules) 2403358 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 (emerging-ciarmy.rules) 2403359 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 30 (emerging-ciarmy.rules) 2403360 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 (emerging-ciarmy.rules) 2403361 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 31 (emerging-ciarmy.rules) 2403362 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 (emerging-ciarmy.rules) 2403363 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 32 (emerging-ciarmy.rules) 2403364 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 (emerging-ciarmy.rules) 2403365 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 33 (emerging-ciarmy.rules) 2403366 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 (emerging-ciarmy.rules) 2403367 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 34 (emerging-ciarmy.rules) 2403368 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 35 (emerging-ciarmy.rules) 2403369 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 35 (emerging-ciarmy.rules) 2403370 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 36 (emerging-ciarmy.rules) 2403371 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 36 (emerging-ciarmy.rules) 2403372 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 37 (emerging-ciarmy.rules) 2403373 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 37 (emerging-ciarmy.rules) 2403374 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 38 (emerging-ciarmy.rules) 2403375 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 38 (emerging-ciarmy.rules) 2403376 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 (emerging-ciarmy.rules) 2403377 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 39 (emerging-ciarmy.rules) 2403378 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 (emerging-ciarmy.rules) 2403379 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 40 (emerging-ciarmy.rules) 2403380 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 (emerging-ciarmy.rules) 2403381 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 41 (emerging-ciarmy.rules) 2403382 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 42 (emerging-ciarmy.rules) 2403383 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 42 (emerging-ciarmy.rules) 2403384 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 (emerging-ciarmy.rules) 2403385 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 43 (emerging-ciarmy.rules) 2403386 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 (emerging-ciarmy.rules) 2403387 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 44 (emerging-ciarmy.rules) 2403388 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 45 (emerging-ciarmy.rules) 2403389 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 45 (emerging-ciarmy.rules) 2403390 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 46 (emerging-ciarmy.rules) 2403391 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 46 (emerging-ciarmy.rules) 2403392 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 47 (emerging-ciarmy.rules) 2403393 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 47 (emerging-ciarmy.rules) 2403394 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 (emerging-ciarmy.rules) 2403395 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 48 (emerging-ciarmy.rules) 2403396 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 49 (emerging-ciarmy.rules) 2403397 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 49 (emerging-ciarmy.rules) 2403398 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 50 (emerging-ciarmy.rules) 2403399 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 50 (emerging-ciarmy.rules) 2403400 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 51 (emerging-ciarmy.rules) 2403401 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 51 (emerging-ciarmy.rules) 2403402 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 52 (emerging-ciarmy.rules) 2403403 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 52 (emerging-ciarmy.rules) 2403404 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 53 (emerging-ciarmy.rules) 2403405 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 53 (emerging-ciarmy.rules) 2403406 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 54 (emerging-ciarmy.rules) 2403407 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 54 (emerging-ciarmy.rules) 2403408 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 55 (emerging-ciarmy.rules) 2403409 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 55 (emerging-ciarmy.rules) 2403410 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 56 (emerging-ciarmy.rules) 2403411 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 56 (emerging-ciarmy.rules) 2403412 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 57 (emerging-ciarmy.rules) 2403413 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 57 (emerging-ciarmy.rules) 2403414 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 (emerging-ciarmy.rules) 2403415 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 58 (emerging-ciarmy.rules) 2403416 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 (emerging-ciarmy.rules) 2403417 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 59 (emerging-ciarmy.rules) 2403418 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 60 (emerging-ciarmy.rules) 2403419 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 60 (emerging-ciarmy.rules) 2403420 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 (emerging-ciarmy.rules) 2403421 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 61 (emerging-ciarmy.rules) 2403422 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 62 (emerging-ciarmy.rules) 2403423 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 62 (emerging-ciarmy.rules) 2403424 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 63 (emerging-ciarmy.rules) 2403425 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 63 (emerging-ciarmy.rules) 2403426 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 64 (emerging-ciarmy.rules) 2403427 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 64 (emerging-ciarmy.rules) 2403428 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 (emerging-ciarmy.rules) 2403429 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 (emerging-ciarmy.rules) 2403430 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 (emerging-ciarmy.rules) 2403431 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 66 (emerging-ciarmy.rules) 2403432 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 67 (emerging-ciarmy.rules) 2403433 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 67 (emerging-ciarmy.rules) 2403434 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 68 (emerging-ciarmy.rules) 2403435 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 68 (emerging-ciarmy.rules) 2403436 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 69 (emerging-ciarmy.rules) 2403437 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 69 (emerging-ciarmy.rules) 2403438 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 (emerging-ciarmy.rules) 2403439 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 (emerging-ciarmy.rules) 2403440 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 (emerging-ciarmy.rules) 2403441 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 71 (emerging-ciarmy.rules) 2403442 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 (emerging-ciarmy.rules) 2403443 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 72 (emerging-ciarmy.rules) 2403444 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 73 (emerging-ciarmy.rules) 2403445 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 73 (emerging-ciarmy.rules) 2403446 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 74 (emerging-ciarmy.rules) 2403447 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 74 (emerging-ciarmy.rules) 2403448 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 (emerging-ciarmy.rules) 2403449 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 75 (emerging-ciarmy.rules) 2403450 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 76 (emerging-ciarmy.rules) 2403451 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 76 (emerging-ciarmy.rules) 2403452 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 77 (emerging-ciarmy.rules) 2403453 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 77 (emerging-ciarmy.rules) 2403454 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 78 (emerging-ciarmy.rules) 2403455 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 78 (emerging-ciarmy.rules) 2403456 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 79 (emerging-ciarmy.rules) 2403457 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 79 (emerging-ciarmy.rules) 2403458 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 (emerging-ciarmy.rules) 2403459 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 80 (emerging-ciarmy.rules) 2403460 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 81 (emerging-ciarmy.rules) 2403461 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 81 (emerging-ciarmy.rules) 2403462 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 82 (emerging-ciarmy.rules) 2403463 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 82 (emerging-ciarmy.rules) 2403464 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 (emerging-ciarmy.rules) 2403465 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 (emerging-ciarmy.rules) 2403466 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 84 (emerging-ciarmy.rules) 2403467 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 84 (emerging-ciarmy.rules) 2403468 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 85 (emerging-ciarmy.rules) 2403469 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 85 (emerging-ciarmy.rules) 2403470 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 (emerging-ciarmy.rules) 2403471 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 86 (emerging-ciarmy.rules) 2403472 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 (emerging-ciarmy.rules) 2403473 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 87 (emerging-ciarmy.rules) 2403474 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 (emerging-ciarmy.rules) 2403475 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 88 (emerging-ciarmy.rules) 2403476 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 (emerging-ciarmy.rules) 2403477 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 89 (emerging-ciarmy.rules) 2403478 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 (emerging-ciarmy.rules) 2403479 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 90 (emerging-ciarmy.rules) 2403480 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 91 (emerging-ciarmy.rules) 2403481 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 91 (emerging-ciarmy.rules) 2403482 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 92 (emerging-ciarmy.rules) 2403483 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 92 (emerging-ciarmy.rules) 2403484 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 93 (emerging-ciarmy.rules) 2403485 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 93 (emerging-ciarmy.rules) 2403486 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 94 (emerging-ciarmy.rules) 2403487 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 94 (emerging-ciarmy.rules) 2403488 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 95 (emerging-ciarmy.rules) 2403489 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 95 (emerging-ciarmy.rules) 2403490 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 96 (emerging-ciarmy.rules) 2403491 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 96 (emerging-ciarmy.rules) 2403492 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 97 (emerging-ciarmy.rules) 2403493 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 97 (emerging-ciarmy.rules) 2403494 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 (emerging-ciarmy.rules) 2403495 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 98 (emerging-ciarmy.rules) 2403496 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 99 (emerging-ciarmy.rules) 2403497 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 99 (emerging-ciarmy.rules) 2403498 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 100 (emerging-ciarmy.rules) 2403499 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 100 (emerging-ciarmy.rules) 2405000 - ET CNC Shadowserver Reported CnC Server Port 22 Group 1 (emerging-botcc.portgrouped.rules) 2405001 - ET CNC Shadowserver Reported CnC Server Port 80 Group 1 (emerging-botcc.portgrouped.rules) 2405002 - ET CNC Shadowserver Reported CnC Server Port 81 Group 1 (emerging-botcc.portgrouped.rules) 2405003 - ET CNC Shadowserver Reported CnC Server Port 110 Group 1 (emerging-botcc.portgrouped.rules) 2405004 - ET CNC Shadowserver Reported CnC Server Port 443 Group 1 (emerging-botcc.portgrouped.rules) 2405005 - ET CNC Shadowserver Reported CnC Server Port 1023 Group 1 (emerging-botcc.portgrouped.rules) 2405006 - ET CNC Shadowserver Reported CnC Server Port 1080 Group 1 (emerging-botcc.portgrouped.rules) 2405007 - ET CNC Shadowserver Reported CnC Server Port 1337 Group 1 (emerging-botcc.portgrouped.rules) 2405008 - ET CNC Shadowserver Reported CnC Server Port 2319 Group 1 (emerging-botcc.portgrouped.rules) 2405009 - ET CNC Shadowserver Reported CnC Server Port 3211 Group 1 (emerging-botcc.portgrouped.rules) 2405010 - ET CNC Shadowserver Reported CnC Server Port 3303 Group 1 (emerging-botcc.portgrouped.rules) 2405011 - ET CNC Shadowserver Reported CnC Server Port 3306 Group 1 (emerging-botcc.portgrouped.rules) 2405012 - ET CNC Shadowserver Reported CnC Server Port 3333 Group 1 (emerging-botcc.portgrouped.rules) 2405013 - ET CNC Shadowserver Reported CnC Server Port 4042 Group 1 (emerging-botcc.portgrouped.rules) 2405014 - ET CNC Shadowserver Reported CnC Server Port 4244 Group 1 (emerging-botcc.portgrouped.rules) 2405015 - ET CNC Shadowserver Reported CnC Server Port 4318 Group 1 (emerging-botcc.portgrouped.rules) 2405016 - ET CNC Shadowserver Reported CnC Server Port 4466 Group 1 (emerging-botcc.portgrouped.rules) 2405017 - ET CNC Shadowserver Reported CnC Server Port 4676 Group 1 (emerging-botcc.portgrouped.rules) 2405018 - ET CNC Shadowserver Reported CnC Server Port 4949 Group 1 (emerging-botcc.portgrouped.rules) 2405019 - ET CNC Shadowserver Reported CnC Server Port 5050 Group 1 (emerging-botcc.portgrouped.rules) 2405020 - ET CNC Shadowserver Reported CnC Server Port 5900 Group 1 (emerging-botcc.portgrouped.rules) 2405021 - ET CNC Shadowserver Reported CnC Server Port 6532 Group 1 (emerging-botcc.portgrouped.rules) 2405022 - ET CNC Shadowserver Reported CnC Server Port 6556 Group 1 (emerging-botcc.portgrouped.rules) 2405023 - ET CNC Shadowserver Reported CnC Server Port 6567 Group 1 (emerging-botcc.portgrouped.rules) 2405024 - ET CNC Shadowserver Reported CnC Server Port 6660 Group 1 (emerging-botcc.portgrouped.rules) 2405025 - ET CNC Shadowserver Reported CnC Server Port 6662 Group 1 (emerging-botcc.portgrouped.rules) 2405026 - ET CNC Shadowserver Reported CnC Server Port 6663 Group 1 (emerging-botcc.portgrouped.rules) 2405027 - ET CNC Shadowserver Reported CnC Server Port 6664 Group 1 (emerging-botcc.portgrouped.rules) 2405028 - ET CNC Shadowserver Reported CnC Server Port 6665 Group 1 (emerging-botcc.portgrouped.rules) 2405029 - ET CNC Shadowserver Reported CnC Server Port 6666 Group 1 (emerging-botcc.portgrouped.rules) 2405030 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 1 (emerging-botcc.portgrouped.rules) 2405031 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 2 (emerging-botcc.portgrouped.rules) 2405032 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 3 (emerging-botcc.portgrouped.rules) 2405033 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 4 (emerging-botcc.portgrouped.rules) 2405034 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 5 (emerging-botcc.portgrouped.rules) 2405035 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 6 (emerging-botcc.portgrouped.rules) 2405036 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 7 (emerging-botcc.portgrouped.rules) 2405037 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 8 (emerging-botcc.portgrouped.rules) 2405038 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 9 (emerging-botcc.portgrouped.rules) 2405039 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 10 (emerging-botcc.portgrouped.rules) 2405040 - ET CNC Shadowserver Reported CnC Server Port 6668 Group 1 (emerging-botcc.portgrouped.rules) 2405041 - ET CNC Shadowserver Reported CnC Server Port 6669 Group 1 (emerging-botcc.portgrouped.rules) 2405042 - ET CNC Shadowserver Reported CnC Server Port 6764 Group 1 (emerging-botcc.portgrouped.rules) 2405043 - ET CNC Shadowserver Reported CnC Server Port 6767 Group 1 (emerging-botcc.portgrouped.rules) 2405044 - ET CNC Shadowserver Reported CnC Server Port 6768 Group 1 (emerging-botcc.portgrouped.rules) 2405045 - ET CNC Shadowserver Reported CnC Server Port 6900 Group 1 (emerging-botcc.portgrouped.rules) 2405046 - ET CNC Shadowserver Reported CnC Server Port 6967 Group 1 (emerging-botcc.portgrouped.rules) 2405047 - ET CNC Shadowserver Reported CnC Server Port 7000 Group 1 (emerging-botcc.portgrouped.rules) 2405048 - ET CNC Shadowserver Reported CnC Server Port 7070 Group 1 (emerging-botcc.portgrouped.rules) 2405049 - ET CNC Shadowserver Reported CnC Server Port 7100 Group 1 (emerging-botcc.portgrouped.rules) 2405050 - ET CNC Shadowserver Reported CnC Server Port 7173 Group 1 (emerging-botcc.portgrouped.rules) 2405051 - ET CNC Shadowserver Reported CnC Server Port 7663 Group 1 (emerging-botcc.portgrouped.rules) 2405052 - ET CNC Shadowserver Reported CnC Server Port 7665 Group 1 (emerging-botcc.portgrouped.rules) 2405053 - ET CNC Shadowserver Reported CnC Server Port 7770 Group 1 (emerging-botcc.portgrouped.rules) 2405054 - ET CNC Shadowserver Reported CnC Server Port 8080 Group 1 (emerging-botcc.portgrouped.rules) 2405055 - ET CNC Shadowserver Reported CnC Server Port 8089 Group 1 (emerging-botcc.portgrouped.rules) 2405056 - ET CNC Shadowserver Reported CnC Server Port 8585 Group 1 (emerging-botcc.portgrouped.rules) 2405057 - ET CNC Shadowserver Reported CnC Server Port 9000 Group 1 (emerging-botcc.portgrouped.rules) 2405058 - ET CNC Shadowserver Reported CnC Server Port 10324 Group 1 (emerging-botcc.portgrouped.rules) 2405059 - ET CNC Shadowserver Reported CnC Server Port 11830 Group 1 (emerging-botcc.portgrouped.rules) 2405060 - ET CNC Shadowserver Reported CnC Server Port 13001 Group 1 (emerging-botcc.portgrouped.rules) [---] Disabled rules: [---] 2001050 - ET MALWARE CometSystems Spyware (emerging-malware.rules) 2001241 - ET CHAT MSN file transfer request (emerging-chat.rules) 2001242 - ET CHAT MSN file transfer accept (emerging-chat.rules) 2001243 - ET CHAT MSN file transfer reject (emerging-chat.rules) 2001682 - ET CHAT MSN IM Poll via HTTP (emerging-chat.rules) 2001744 - ET MALWARE Searchmiracle.com Spyware Install (install) (emerging-malware.rules) 2001884 - ET MALWARE DesktopTraffic Toolbar Spyware (emerging-malware.rules) 2001998 - ET MALWARE UCMore Spyware Downloading Ads (emerging-malware.rules) 2002088 - ET MALWARE C4tdownload.com Spyware Activity (emerging-malware.rules) 2002740 - ET MALWARE adservs.com Spyware (emerging-malware.rules) 2002780 - ET TROJAN Goldun Reporting User Activity 2 (emerging-trojan.rules) 2002956 - ET MALWARE Bestcount.net Spyware Downloading vxgame (emerging-malware.rules) 2003115 - ET TROJAN - Trojan.Proxy.PPAgent.t (updatea) (emerging-trojan.rules) 2003116 - ET TROJAN - Trojan.Proxy.PPAgent.t (updateb) (emerging-trojan.rules) 2003151 - ET MALWARE Fun Web Products SmileyCentral IEsp2 Install (emerging-malware.rules) 2003153 - ET MALWARE Bestcount.net Spyware Exploit Download (emerging-malware.rules) 2003183 - ET TROJAN Prg Trojan Server Reply (emerging-trojan.rules) 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules) 2003201 - ET MALWARE Thespyguard.com Spyware Install (emerging-malware.rules) 2003202 - ET MALWARE Thespyguard.com Spyware Update Check (emerging-malware.rules) 2003203 - ET MALWARE Hitvirus Fake AV Install (emerging-malware.rules) 2003204 - ET MALWARE Thespyguard.com Spyware Updating (emerging-malware.rules) 2003205 - ET MALWARE User-Agent (Informer from RBC) (emerging-malware.rules) 2003211 - ET MALWARE Best-targeted-traffic.com Spyware Ping (emerging-malware.rules) 2003218 - ET MALWARE Conduit Connect Toolbar Message Download(Many report to be benign) (emerging-malware.rules) 2003219 - ET MALWARE Alexa Spyware Reporting (emerging-malware.rules) 2003221 - ET MALWARE MySearchNow.com Spyware (emerging-malware.rules) 2003222 - ET MALWARE MyWebSearch Toolbar Receiving Config 2 (emerging-malware.rules) 2003238 - ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (emerging-trojan.rules) 2003240 - ET MALWARE New.net Spyware updating (emerging-malware.rules) 2003241 - ET MALWARE New.net Spyware Checkin (emerging-malware.rules) 2003250 - ET EXPLOIT Symantec Remote Management RTVScan Exploit (emerging-exploit.rules) 2003251 - ET MALWARE SpySheriff Intial Phone Home (emerging-malware.rules) 2003253 - ET MALWARE MarketScore Spyware Uploading Data (emerging-malware.rules) 2003297 - ET MALWARE Travel Update Spyware (emerging-malware.rules) 2003298 - ET MALWARE KMIP.net Spyware (emerging-malware.rules) 2003335 - ET USER_AGENTS 2search.org User Agent (2search) (emerging-user_agents.rules) 2003336 - ET MALWARE AntiVermins.com Fake Antispyware Package User-Agent (AntiVerminser) (emerging-malware.rules) 2003345 - ET MALWARE User-Agent (Download UBAgent) - lop.com and other spyware (emerging-malware.rules) 2003365 - ET MALWARE Hotbar Zango Toolbar Spyware User Agent (ZangoToolbar ) (emerging-malware.rules) 2003385 - ET USER_AGENTS sgrunt Dialer User Agent (sgrunt) (emerging-user_agents.rules) 2003399 - ET MALWARE Spyhealer Fake Anti-Spyware Install User-Agent (SpyHealer) (emerging-malware.rules) 2003429 - ET MALWARE xxxtoolbar.com Spyware Install User-Agent (emerging-malware.rules) 2003446 - ET MALWARE Adware Command Client Checkin (emerging-malware.rules) 2003449 - ET USER_AGENTS Webbuying.net Spyware Install User-Agent 2 (wb v1.6.4) (emerging-user_agents.rules) 2003475 - ET P2P ABC Torrent User-Agent (ABC/ABC-3.1.0) (emerging-p2p.rules) 2003515 - ET TROJAN Snatch Reporting User Activity (emerging-trojan.rules) 2003526 - ET MALWARE KMIP.net Spyware 2 (emerging-malware.rules) 2003529 - ET MALWARE Msgplus.net Spyware/Adware User-Agent (MsgPlus3) (emerging-malware.rules) 2003531 - ET MALWARE Antivermins.com Spyware/Adware User-Agent (AntiVermeans) (emerging-malware.rules) 2003567 - ET MALWARE Winsoftware.com Fake AV User-Agent (DNS Extractor) (emerging-malware.rules) 2003569 - ET MALWARE Evidencenuker.com Fake AV/Anti-Spyware User-Agent (EVNUKER) (emerging-malware.rules) 2003598 - ET TROJAN Diazom Trojan User-Agent in Use (cv_v2.0.1) (emerging-trojan.rules) 2003644 - ET MALWARE Generic.Malware.dld User-Agent (Sickloader) (emerging-malware.rules) 2003649 - ET TROJAN Hupigon User Agent Detected (SykO) (emerging-trojan.rules) 2003652 - ET MALWARE CoolStreaming Toolbar (Conduit related) User-Agent (Coolstreaming Tool-Bar) (emerging-malware.rules) 2003931 - ET TROJAN Banker.Delf User-Agent (Varlok_11000) (emerging-trojan.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-ciarmy.rules (1): # Version 3217 -> Added to emerging-drop.rules (2): # VERSION 2605 # Generated 2017-06-11 00:05:01 EDT -> Added to sid-msg.map (56): 2024376 || ET EXPLOIT Win32/Industroyer DDOS Siemens SIPROTEC (CVE-2015-5374) || url,www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf 2024377 || ET CURRENT_EVENTS Generic Credit Card Information in HTTP POST - Possible Successful Phish Jun 12 2017 2405008 || ET CNC Shadowserver Reported CnC Server Port 2319 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405009 || ET CNC Shadowserver Reported CnC Server Port 3211 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405010 || ET CNC Shadowserver Reported CnC Server Port 3303 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405011 || ET CNC Shadowserver Reported CnC Server Port 3306 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405012 || ET CNC Shadowserver Reported CnC Server Port 3333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405013 || ET CNC Shadowserver Reported CnC Server Port 4042 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405014 || ET CNC Shadowserver Reported CnC Server Port 4244 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405015 || ET CNC Shadowserver Reported CnC Server Port 4318 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405016 || ET CNC Shadowserver Reported CnC Server Port 4466 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405017 || ET CNC Shadowserver Reported CnC Server Port 4676 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405018 || ET CNC Shadowserver Reported CnC Server Port 4949 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405019 || ET CNC Shadowserver Reported CnC Server Port 5050 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405020 || ET CNC Shadowserver Reported CnC Server Port 5900 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405021 || ET CNC Shadowserver Reported CnC Server Port 6532 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405022 || ET CNC Shadowserver Reported CnC Server Port 6556 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405023 || ET CNC Shadowserver Reported CnC Server Port 6567 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405024 || ET CNC Shadowserver Reported CnC Server Port 6660 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405025 || ET CNC Shadowserver Reported CnC Server Port 6662 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405026 || ET CNC Shadowserver Reported CnC Server Port 6663 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405027 || ET CNC Shadowserver Reported CnC Server Port 6664 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405028 || ET CNC Shadowserver Reported CnC Server Port 6665 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405029 || ET CNC Shadowserver Reported CnC Server Port 6666 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405030 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405031 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 2 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405032 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 3 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405033 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 4 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405034 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 5 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405035 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 6 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405036 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 7 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405037 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 8 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405038 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 9 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405039 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 10 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405040 || ET CNC Shadowserver Reported CnC Server Port 6668 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405041 || ET CNC Shadowserver Reported CnC Server Port 6669 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405042 || ET CNC Shadowserver Reported CnC Server Port 6764 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405043 || ET CNC Shadowserver Reported CnC Server Port 6767 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405046 || ET CNC Shadowserver Reported CnC Server Port 6967 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405047 || ET CNC Shadowserver Reported CnC Server Port 7000 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405048 || ET CNC Shadowserver Reported CnC Server Port 7070 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405049 || ET CNC Shadowserver Reported CnC Server Port 7100 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405050 || ET CNC Shadowserver Reported CnC Server Port 7173 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405051 || ET CNC Shadowserver Reported CnC Server Port 7663 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405052 || ET CNC Shadowserver Reported CnC Server Port 7665 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405053 || ET CNC Shadowserver Reported CnC Server Port 7770 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405054 || ET CNC Shadowserver Reported CnC Server Port 8080 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405055 || ET CNC Shadowserver Reported CnC Server Port 8089 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405056 || ET CNC Shadowserver Reported CnC Server Port 8585 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405057 || ET CNC Shadowserver Reported CnC Server Port 9000 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405058 || ET CNC Shadowserver Reported CnC Server Port 10324 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405059 || ET CNC Shadowserver Reported CnC Server Port 11830 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405060 || ET CNC Shadowserver Reported CnC Server Port 13001 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405061 || ET CNC Shadowserver Reported CnC Server Port 19899 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405062 || ET CNC Shadowserver Reported CnC Server Port 21333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405063 || ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC [---] Removed non-rule lines: [---] -> Removed from emerging-ciarmy.rules (1): # Version 3210 -> Removed from emerging-drop.rules (2): # VERSION 2604 # Generated 2017-06-04 00:05:01 EDT -> Removed from sid-msg.map (51): 2405008 || ET CNC Shadowserver Reported CnC Server Port 1881 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405009 || ET CNC Shadowserver Reported CnC Server Port 2319 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405010 || ET CNC Shadowserver Reported CnC Server Port 3211 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405011 || ET CNC Shadowserver Reported CnC Server Port 3303 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405012 || ET CNC Shadowserver Reported CnC Server Port 3306 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405013 || ET CNC Shadowserver Reported CnC Server Port 3333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405014 || ET CNC Shadowserver Reported CnC Server Port 4042 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405015 || ET CNC Shadowserver Reported CnC Server Port 4244 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405016 || ET CNC Shadowserver Reported CnC Server Port 4318 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405017 || ET CNC Shadowserver Reported CnC Server Port 4466 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405018 || ET CNC Shadowserver Reported CnC Server Port 4676 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405019 || ET CNC Shadowserver Reported CnC Server Port 4949 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405020 || ET CNC Shadowserver Reported CnC Server Port 5050 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405021 || ET CNC Shadowserver Reported CnC Server Port 5900 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405022 || ET CNC Shadowserver Reported CnC Server Port 6532 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405023 || ET CNC Shadowserver Reported CnC Server Port 6556 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405024 || ET CNC Shadowserver Reported CnC Server Port 6567 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405025 || ET CNC Shadowserver Reported CnC Server Port 6660 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405026 || ET CNC Shadowserver Reported CnC Server Port 6662 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405027 || ET CNC Shadowserver Reported CnC Server Port 6663 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405028 || ET CNC Shadowserver Reported CnC Server Port 6664 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405029 || ET CNC Shadowserver Reported CnC Server Port 6665 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405030 || ET CNC Shadowserver Reported CnC Server Port 6666 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405031 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405032 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 2 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405033 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 3 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405034 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 4 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405035 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 5 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405036 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 6 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405037 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 7 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405038 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 8 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405039 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 9 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405040 || ET CNC Shadowserver Reported CnC Server Port 6667 Group 10 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405041 || ET CNC Shadowserver Reported CnC Server Port 6668 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405042 || ET CNC Shadowserver Reported CnC Server Port 6669 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405043 || ET CNC Shadowserver Reported CnC Server Port 6764 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405046 || ET CNC Shadowserver Reported CnC Server Port 7000 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405047 || ET CNC Shadowserver Reported CnC Server Port 7100 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405048 || ET CNC Shadowserver Reported CnC Server Port 7770 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405049 || ET CNC Shadowserver Reported CnC Server Port 8080 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405050 || ET CNC Shadowserver Reported CnC Server Port 8089 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405051 || ET CNC Shadowserver Reported CnC Server Port 8585 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405052 || ET CNC Shadowserver Reported CnC Server Port 9000 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405053 || ET CNC Shadowserver Reported CnC Server Port 10324 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405054 || ET CNC Shadowserver Reported CnC Server Port 11830 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405055 || ET CNC Shadowserver Reported CnC Server Port 13001 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405056 || ET CNC Shadowserver Reported CnC Server Port 15000 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405057 || ET CNC Shadowserver Reported CnC Server Port 19899 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405058 || ET CNC Shadowserver Reported CnC Server Port 21333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405059 || ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC 2405060 || ET CNC Shadowserver Reported CnC Server Port 40669 Group 1 || url,www.shadowserver.org || url,doc.emergingthreats.net/bin/view/Main/BotCC