Advertisement
vectr0n

Untitled

Jul 29th, 2016
625
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.40 KB | None | 0 0
  1. # PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt
  2. suppress gen_id 3, sig_id 19187
  3.  
  4. # ET CHAT IRC USER command
  5. suppress gen_id 1, sig_id 2002023
  6.  
  7. # ET CHAT IRC NICK command
  8. suppress gen_id 1, sig_id 2002024
  9.  
  10. # ET CHAT IRC JOIN command
  11. suppress gen_id 1, sig_id 2002025
  12.  
  13. # ET CHAT IRC PRIVMSG command
  14. suppress gen_id 1, sig_id 2002026
  15.  
  16. # ET CHAT IRC PING command
  17. suppress gen_id 1, sig_id 2002027
  18.  
  19. # ET CHAT IRC PONG response
  20. suppress gen_id 1, sig_id 2002028
  21.  
  22. # http_inspect client
  23. suppress gen_id 119, sig_id 1
  24. suppress gen_id 119, sig_id 2
  25. suppress gen_id 119, sig_id 3
  26. suppress gen_id 119, sig_id 4
  27. suppress gen_id 119, sig_id 5
  28. suppress gen_id 119, sig_id 6
  29. suppress gen_id 119, sig_id 7
  30. suppress gen_id 119, sig_id 8
  31. suppress gen_id 119, sig_id 9
  32. suppress gen_id 119, sig_id 10
  33. suppress gen_id 119, sig_id 11
  34. suppress gen_id 119, sig_id 12
  35. suppress gen_id 119, sig_id 13
  36. suppress gen_id 119, sig_id 14
  37. suppress gen_id 119, sig_id 15
  38. suppress gen_id 119, sig_id 16
  39. suppress gen_id 119, sig_id 17
  40. suppress gen_id 119, sig_id 18
  41. suppress gen_id 119, sig_id 19
  42. suppress gen_id 119, sig_id 20
  43. suppress gen_id 119, sig_id 21
  44. suppress gen_id 119, sig_id 22
  45. suppress gen_id 119, sig_id 23
  46. suppress gen_id 119, sig_id 24
  47. suppress gen_id 119, sig_id 25
  48. suppress gen_id 119, sig_id 26
  49. suppress gen_id 119, sig_id 27
  50. suppress gen_id 119, sig_id 28
  51. suppress gen_id 119, sig_id 29
  52. suppress gen_id 119, sig_id 30
  53. suppress gen_id 119, sig_id 31
  54. suppress gen_id 119, sig_id 32
  55. suppress gen_id 119, sig_id 33
  56. suppress gen_id 119, sig_id 34
  57.  
  58. # http_inspect server
  59. suppress gen_id 120, sig_id 1
  60. suppress gen_id 120, sig_id 2
  61. suppress gen_id 120, sig_id 3
  62. suppress gen_id 120, sig_id 4
  63. suppress gen_id 120, sig_id 5
  64. suppress gen_id 120, sig_id 6
  65. suppress gen_id 120, sig_id 7
  66. suppress gen_id 120, sig_id 8
  67. suppress gen_id 120, sig_id 9
  68. suppress gen_id 120, sig_id 10
  69. suppress gen_id 120, sig_id 11
  70.  
  71. #ET POLICY GNU/Linux APT User-Agent Outbound likely related to package management
  72. suppress gen_id 1, sig_id 2013504
  73.  
  74. #ET POLICY libwww-perl User-Agent
  75. suppress gen_id 1, sig_id 2013030
  76.  
  77. # ET POLICY Python-urllib/ Suspicious User Agent
  78. suppress gen_id 1, sig_id 2013031
  79.  
  80. # (spp_ssl) Invalid Client HELLO after Server HELLO Detected
  81. suppress gen_id 137, sig_id 1
  82.  
  83. # INDICATOR-COMPROMISE Suspicious .pw dns query
  84. suppress gen_id 1, sig_id 28039
  85.  
  86. # ET POLICY curl User-Agent Outbound
  87. suppress gen_id 1, sig_id 2013028
  88.  
  89. # (spp_ssh) Challenge-Response Overflow exploit
  90. suppress gen_id 128, sig_id 1
  91.  
  92. # ET POLICY Protocol 41 IPv6 encapsulation potential 6in4 IPv6 tunnel active
  93. suppress gen_id 1, sig_id 2012141
  94.  
  95. # ET POLICY PE EXE or DLL Windows file download HTTP
  96. suppress gen_id 1, sig_id 2018959
  97.  
  98. # ET SCAN Potential SSH Scan OUTBOUND
  99. suppress gen_id 1, sig_id 2003068
  100.  
  101. # ET POLICY Suspicious inbound to MSSQL port 1433
  102. suppress gen_id 1, sig_id 2010935
  103.  
  104. # ET SCAN Sipvicious Scan
  105. suppress gen_id 1, sig_id 2008578
  106.  
  107. # ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
  108. suppress gen_id 1, sig_id 2011716
  109.  
  110. # ET POLICY Suspicious inbound to mySQL port 3306
  111. suppress gen_id 1, sig_id 2010937
  112.  
  113. # ET POLICY Android Dalvik Executable File Download
  114. suppress gen_id 1, sig_id 2016856
  115.  
  116. # ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)
  117. suppress gen_id 1, sig_id 2015744
  118.  
  119. # ET INFO Packed Executable Download
  120. suppress gen_id 1, sig_id 2014819
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement