Generated by : ../snort_rule_urlchecker version Thu Dec 1 22:06:24 PST 2005

Which may be found at http://www.grotto-group.com/~gulfie/projects... maybe

./snortrules-COMM-2.4/rules/community-misc.rules Fri Dec 2 01:23:25 2005
Filename : line Rules
./snortrules-COMM-2.4/rules/community-misc.rules : 1 # Copyright 2005 Sourcefire, Inc. All Rights Reserved.
./snortrules-COMM-2.4/rules/community-misc.rules : 2 # These rules are licensed under the GNU General Public License.
./snortrules-COMM-2.4/rules/community-misc.rules : 3 # Please see the file LICENSE in this directory for more details.
./snortrules-COMM-2.4/rules/community-misc.rules : 4 # $Id: community-misc.rules,v 1.5 2005/11/14 16:49:10 akirk Exp $
./snortrules-COMM-2.4/rules/community-misc.rules : 5
./snortrules-COMM-2.4/rules/community-misc.rules : 6 alert udp $EXTERNAL_NET any -> $HOME_NET 5093 (msg:"COMMUNITY MISC Sentinel License Manager overflow attempt"; dsize:>1000; reference:cve,CAN-2005-0353; reference:bugtraq,12742; classtype:attempted-user; sid:100000125; rev:1;)
./snortrules-COMM-2.4/rules/community-misc.rules : 7 alert tcp $EXTERNAL_NET any - > $HOME_NET 2380 (msg:"COMMUNITY MISC GoodTech Telnet Server Buffer Overflow Attempt"; flow:to_server,established; pcre:"/[^\r\n]{1000,}/i"; reference:cve,2005-0768; reference:url,unsecure.altervista.org/security/goodtechtelnet.htm; classtype:attempted-dos; sid:100000126; rev:1;)
./snortrules-COMM-2.4/rules/community-misc.rules : 8 #Rule submitted by rmkml
./snortrules-COMM-2.4/rules/community-misc.rules : 9 alert tcp any any -> any !139 (msg:"COMMUNITY MISC BAD-SSL tcp detect"; flow:stateless; content:"|00 0E|"; depth:4; offset:0; classtype:misc-activity; sid:100000137; rev:1;)
./snortrules-COMM-2.4/rules/community-misc.rules : 10 #Rules submitted by Thierry Chich
./snortrules-COMM-2.4/rules/community-misc.rules : 11 alert tcp any any - > any any (msg:"COMMUNITY MISC streaming RTSP (realpayer)"; content:"PLAY rtsp|3A 2F 2F|"; depth: 12; classtype:policy-violation; reference:url,www.rtsp.org; sid:100000189; rev:1;)
./snortrules-COMM-2.4/rules/community-misc.rules : 12 alert tcp any any - > any any (msg:"COMMUNITY MISC streaming Windows Mediaplayer"; content:"|01 00 00 00 ce fa 0b b0|"; depth: 8; content:"MMS"; distance: 4; depth: 4; classtype:policy-violation; reference:url,www.microsoft.com; sid:100000190; rev:1;)