# PROTOCOL-DNS TMG Firewall Client long host entry exploit attemptsuppress gen

1. # PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt
2. suppress gen_id 3, sig_id 19187
3.  
4. # ET CHAT IRC USER command
5. suppress gen_id 1, sig_id 2002023
6.  
7. # ET CHAT IRC NICK command
8. suppress gen_id 1, sig_id 2002024
9.  
10. # ET CHAT IRC JOIN command
11. suppress gen_id 1, sig_id 2002025
12.  
13. # ET CHAT IRC PRIVMSG command
14. suppress gen_id 1, sig_id 2002026
15.  
16. # ET CHAT IRC PING command
17. suppress gen_id 1, sig_id 2002027
18.  
19. # ET CHAT IRC PONG response
20. suppress gen_id 1, sig_id 2002028
21.  
22. # http_inspect client
23. suppress gen_id 119, sig_id 1
24. suppress gen_id 119, sig_id 2
25. suppress gen_id 119, sig_id 3
26. suppress gen_id 119, sig_id 4
27. suppress gen_id 119, sig_id 5
28. suppress gen_id 119, sig_id 6
29. suppress gen_id 119, sig_id 7
30. suppress gen_id 119, sig_id 8
31. suppress gen_id 119, sig_id 9
32. suppress gen_id 119, sig_id 10
33. suppress gen_id 119, sig_id 11
34. suppress gen_id 119, sig_id 12
35. suppress gen_id 119, sig_id 13
36. suppress gen_id 119, sig_id 14
37. suppress gen_id 119, sig_id 15
38. suppress gen_id 119, sig_id 16
39. suppress gen_id 119, sig_id 17
40. suppress gen_id 119, sig_id 18
41. suppress gen_id 119, sig_id 19
42. suppress gen_id 119, sig_id 20
43. suppress gen_id 119, sig_id 21
44. suppress gen_id 119, sig_id 22
45. suppress gen_id 119, sig_id 23
46. suppress gen_id 119, sig_id 24
47. suppress gen_id 119, sig_id 25
48. suppress gen_id 119, sig_id 26
49. suppress gen_id 119, sig_id 27
50. suppress gen_id 119, sig_id 28
51. suppress gen_id 119, sig_id 29
52. suppress gen_id 119, sig_id 30
53. suppress gen_id 119, sig_id 31
54. suppress gen_id 119, sig_id 32
55. suppress gen_id 119, sig_id 33
56. suppress gen_id 119, sig_id 34
57.  
58. # http_inspect server
59. suppress gen_id 120, sig_id 1
60. suppress gen_id 120, sig_id 2
61. suppress gen_id 120, sig_id 3
62. suppress gen_id 120, sig_id 4
63. suppress gen_id 120, sig_id 5
64. suppress gen_id 120, sig_id 6
65. suppress gen_id 120, sig_id 7
66. suppress gen_id 120, sig_id 8
67. suppress gen_id 120, sig_id 9
68. suppress gen_id 120, sig_id 10
69. suppress gen_id 120, sig_id 11
70.  
71. #ET POLICY GNU/Linux APT User-Agent Outbound likely related to package management
72. suppress gen_id 1, sig_id 2013504
73.  
74. #ET POLICY libwww-perl User-Agent
75. suppress gen_id 1, sig_id 2013030
76.  
77. # ET POLICY Python-urllib/ Suspicious User Agent
78. suppress gen_id 1, sig_id 2013031
79.  
80. # (spp_ssl) Invalid Client HELLO after Server HELLO Detected
81. suppress gen_id 137, sig_id 1
82.  
83. # INDICATOR-COMPROMISE Suspicious .pw dns query
84. suppress gen_id 1, sig_id 28039
85.  
86. # ET POLICY curl User-Agent Outbound
87. suppress gen_id 1, sig_id 2013028
88.  
89. # (spp_ssh) Challenge-Response Overflow exploit
90. suppress gen_id 128, sig_id 1
91.  
92. # ET POLICY Protocol 41 IPv6 encapsulation potential 6in4 IPv6 tunnel active
93. suppress gen_id 1, sig_id 2012141
94.  
95. # ET POLICY PE EXE or DLL Windows file download HTTP
96. suppress gen_id 1, sig_id 2018959
97.  
98. # ET SCAN Potential SSH Scan OUTBOUND
99. suppress gen_id 1, sig_id 2003068
100.  
101. # ET POLICY Suspicious inbound to MSSQL port 1433
102. suppress gen_id 1, sig_id 2010935
103.  
104. # ET SCAN Sipvicious Scan
105. suppress gen_id 1, sig_id 2008578
106.  
107. # ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
108. suppress gen_id 1, sig_id 2011716
109.  
110. # ET POLICY Suspicious inbound to mySQL port 3306
111. suppress gen_id 1, sig_id 2010937
112.  
113. # ET POLICY Android Dalvik Executable File Download
114. suppress gen_id 1, sig_id 2016856
115.  
116. # ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)
117. suppress gen_id 1, sig_id 2015744
118.  
119. # ET INFO Packed Executable Download
120. suppress gen_id 1, sig_id 2014819