Ruleset Update Summary - 2022/12/08 - v10191

Ruleset Updates
1

Summary:

348 new OPEN, 348 new PRO (348 + 0)

Thanks @AuCyble

The Emerging Threats mailing list is migrating to Discourse. Please visit us at https://community.emergingthreats.net

We will announce the mailing list retirement date in the near future.

Added rules:

Open:

  • 2032083 - ET INFO Onion/TOR Proxy Client Request (info.rules)
  • 2032084 - ET INFO Onion/TOR Successful Proxy Request Response (Inbound) (info.rules)
  • 2042190 - ET INFO DYNAMIC_DNS Query to a *.2fine .de Domain (info.rules)
  • 2042191 - ET INFO DYNAMIC_DNS HTTP Request to a *.2fine .de Domain (info.rules)
  • 2042192 - ET INFO DYNAMIC_DNS Query to a *.antexknitting .com Domain (info.rules)
  • 2042193 - ET INFO DYNAMIC_DNS HTTP Request to a *.antexknitting .com Domain (info.rules)
  • 2042194 - ET INFO DYNAMIC_DNS Query to a *.kbgz .com .my Domain (info.rules)
  • 2042195 - ET INFO DYNAMIC_DNS HTTP Request to a *.kbgz .com .my Domain (info.rules)
  • 2042196 - ET INFO DYNAMIC_DNS Query to a *.horng-bin .com Domain (info.rules)
  • 2042197 - ET INFO DYNAMIC_DNS HTTP Request to a *.horng-bin .com Domain (info.rules)
  • 2042198 - ET INFO DYNAMIC_DNS Query to a *.nm7 .cc Domain (info.rules)
  • 2042199 - ET INFO DYNAMIC_DNS HTTP Request to a *.nm7 .cc Domain (info.rules)
  • 2042200 - ET INFO DYNAMIC_DNS Query to a *.servebbs .com Domain (info.rules)
  • 2042201 - ET INFO DYNAMIC_DNS HTTP Request to a *.servebbs .com Domain (info.rules)
  • 2042202 - ET INFO DYNAMIC_DNS Query to a *.from-ri .com Domain (info.rules)
  • 2042203 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ri .com Domain (info.rules)
  • 2042204 - ET INFO DYNAMIC_DNS Query to a *.selfip .net Domain (info.rules)
  • 2042205 - ET INFO DYNAMIC_DNS HTTP Request to a *.selfip .net Domain (info.rules)
  • 2042206 - ET INFO DYNAMIC_DNS Query to a *.est-le-patron .com Domain (info.rules)
  • 2042207 - ET INFO DYNAMIC_DNS HTTP Request to a *.est-le-patron .com Domain (info.rules)
  • 2042208 - ET INFO DYNAMIC_DNS Query to a *.is-a-chef .com Domain (info.rules)
  • 2042209 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-chef .com Domain (info.rules)
  • 2042210 - ET INFO DYNAMIC_DNS Query to a *.is-a-anarchist .com Domain (info.rules)
  • 2042211 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-anarchist .com Domain (info.rules)
  • 2042212 - ET INFO DYNAMIC_DNS Query to a *.merseine .com Domain (info.rules)
  • 2042213 - ET INFO DYNAMIC_DNS HTTP Request to a *.merseine .com Domain (info.rules)
  • 2042214 - ET INFO DYNAMIC_DNS Query to a *.is-an-accountant .com Domain (info.rules)
  • 2042215 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-an-accountant .com Domain (info.rules)
  • 2042216 - ET INFO DYNAMIC_DNS Query to a *.podzone .org Domain (info.rules)
  • 2042217 - ET INFO DYNAMIC_DNS HTTP Request to a *.podzone .org Domain (info.rules)
  • 2042218 - ET INFO DYNAMIC_DNS Query to a *.boldlygoingnowhere .org Domain (info.rules)
  • 2042219 - ET INFO DYNAMIC_DNS HTTP Request to a *.boldlygoingnowhere .org Domain (info.rules)
  • 2042220 - ET INFO DYNAMIC_DNS Query to a *.fuettertdasnetz .de Domain (info.rules)
  • 2042221 - ET INFO DYNAMIC_DNS HTTP Request to a *.fuettertdasnetz .de Domain (info.rules)
  • 2042222 - ET INFO DYNAMIC_DNS Query to a *.stuff-4-sale .org Domain (info.rules)
  • 2042223 - ET INFO DYNAMIC_DNS HTTP Request to a *.stuff-4-sale .org Domain (info.rules)
  • 2042224 - ET INFO DYNAMIC_DNS Query to a *.is-a-bruinsfan .org Domain (info.rules)
  • 2042225 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-bruinsfan .org Domain (info.rules)
  • 2042226 - ET INFO DYNAMIC_DNS Query to a *.myphotos .cc Domain (info.rules)
  • 2042227 - ET INFO DYNAMIC_DNS HTTP Request to a *.myphotos .cc Domain (info.rules)
  • 2042228 - ET INFO DYNAMIC_DNS Query to a *.barrel-of-knowledge .info Domain (info.rules)
  • 2042229 - ET INFO DYNAMIC_DNS HTTP Request to a *.barrel-of-knowledge .info Domain (info.rules)
  • 2042230 - ET INFO DYNAMIC_DNS Query to a *.dyndns .info Domain (info.rules)
  • 2042231 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns .info Domain (info.rules)
  • 2042232 - ET INFO DYNAMIC_DNS Query to a *.est-a-la-masion .com Domain (info.rules)
  • 2042233 - ET INFO DYNAMIC_DNS HTTP Request to a *.est-a-la-masion .com Domain (info.rules)
  • 2042234 - ET INFO DYNAMIC_DNS Query to a *.for-our .info Domain (info.rules)
  • 2042235 - ET INFO DYNAMIC_DNS HTTP Request to a *.for-our .info Domain (info.rules)
  • 2042236 - ET INFO DYNAMIC_DNS Query to a *.is-gone .com Domain (info.rules)
  • 2042237 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-gone .com Domain (info.rules)
  • 2042238 - ET INFO DYNAMIC_DNS Query to a *.issmarterthanyou .com Domain (info.rules)
  • 2042239 - ET INFO DYNAMIC_DNS HTTP Request to a *.issmarterthanyou .com Domain (info.rules)
  • 2042240 - ET INFO DYNAMIC_DNS Query to a *.from-ct .com Domain (info.rules)
  • 2042241 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ct .com Domain (info.rules)
  • 2042242 - ET INFO DYNAMIC_DNS Query to a *.for-more .biz Domain (info.rules)
  • 2042243 - ET INFO DYNAMIC_DNS HTTP Request to a *.for-more .biz Domain (info.rules)
  • 2042244 - ET INFO DYNAMIC_DNS Query to a *.is-certified .com Domain (info.rules)
  • 2042245 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-certified .com Domain (info.rules)
  • 2042246 - ET INFO DYNAMIC_DNS Query to a *.from-sd .com Domain (info.rules)
  • 2042247 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-sd .com Domain (info.rules)
  • 2042248 - ET INFO DYNAMIC_DNS Query to a *.from-az .net Domain (info.rules)
  • 2042249 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-az .net Domain (info.rules)
  • 2042250 - ET INFO DYNAMIC_DNS Query to a *.is-a-hard-worker .com Domain (info.rules)
  • 2042251 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-hard-worker .com Domain (info.rules)
  • 2042252 - ET INFO DYNAMIC_DNS Query to a *.dynalias .com Domain (info.rules)
  • 2042253 - ET INFO DYNAMIC_DNS HTTP Request to a *.dynalias .com Domain (info.rules)
  • 2042254 - ET INFO DYNAMIC_DNS Query to a *.isa-geek .com Domain (info.rules)
  • 2042255 - ET INFO DYNAMIC_DNS HTTP Request to a *.isa-geek .com Domain (info.rules)
  • 2042256 - ET INFO DYNAMIC_DNS Query to a *.dyndns-free .com Domain (info.rules)
  • 2042257 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-free .com Domain (info.rules)
  • 2042258 - ET INFO DYNAMIC_DNS Query to a *.is-an-anarchist .com Domain (info.rules)
  • 2042259 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-an-anarchist .com Domain (info.rules)
  • 2042260 - ET INFO DYNAMIC_DNS Query to a *.blogdns .com Domain (info.rules)
  • 2042261 - ET INFO DYNAMIC_DNS HTTP Request to a *.blogdns .com Domain (info.rules)
  • 2042262 - ET INFO DYNAMIC_DNS Query to a *.servebbs .org Domain (info.rules)
  • 2042263 - ET INFO DYNAMIC_DNS HTTP Request to a *.servebbs .org Domain (info.rules)
  • 2042264 - ET INFO DYNAMIC_DNS Query to a *.from-wv .com Domain (info.rules)
  • 2042265 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-wv .com Domain (info.rules)
  • 2042266 - ET INFO DYNAMIC_DNS Query to a *.on-the-web .tv Domain (info.rules)
  • 2042267 - ET INFO DYNAMIC_DNS HTTP Request to a *.on-the-web .tv Domain (info.rules)
  • 2042268 - ET INFO DYNAMIC_DNS Query to a *.blogdns .org Domain (info.rules)
  • 2042269 - ET INFO DYNAMIC_DNS HTTP Request to a *.blogdns .org Domain (info.rules)
  • 2042270 - ET INFO DYNAMIC_DNS Query to a *.is-an-entertainer .com Domain (info.rules)
  • 2042271 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-an-entertainer .com Domain (info.rules)
  • 2042272 - ET INFO DYNAMIC_DNS Query to a *.simple-url .com Domain (info.rules)
  • 2042273 - ET INFO DYNAMIC_DNS HTTP Request to a *.simple-url .com Domain (info.rules)
  • 2042274 - ET INFO DYNAMIC_DNS Query to a *.est-a-la-maison .com Domain (info.rules)
  • 2042275 - ET INFO DYNAMIC_DNS HTTP Request to a *.est-a-la-maison .com Domain (info.rules)
  • 2042276 - ET INFO DYNAMIC_DNS Query to a *.servebbs .net Domain (info.rules)
  • 2042277 - ET INFO DYNAMIC_DNS HTTP Request to a *.servebbs .net Domain (info.rules)
  • 2042278 - ET INFO DYNAMIC_DNS Query to a *.barrell-of-knowledge .info Domain (info.rules)
  • 2042279 - ET INFO DYNAMIC_DNS HTTP Request to a *.barrell-of-knowledge .info Domain (info.rules)
  • 2042280 - ET INFO DYNAMIC_DNS Query to a *.from-ma .com Domain (info.rules)
  • 2042281 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ma .com Domain (info.rules)
  • 2042282 - ET INFO DYNAMIC_DNS Query to a *.from-al .com Domain (info.rules)
  • 2042283 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-al .com Domain (info.rules)
  • 2042284 - ET INFO DYNAMIC_DNS Query to a *.does-it .net Domain (info.rules)
  • 2042285 - ET INFO DYNAMIC_DNS HTTP Request to a *.does-it .net Domain (info.rules)
  • 2042286 - ET INFO DYNAMIC_DNS Query to a *.homeip .net Domain (info.rules)
  • 2042287 - ET INFO DYNAMIC_DNS HTTP Request to a *.homeip .net Domain (info.rules)
  • 2042288 - ET INFO DYNAMIC_DNS Query to a *.from-nd .com Domain (info.rules)
  • 2042289 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-nd .com Domain (info.rules)
  • 2042290 - ET INFO DYNAMIC_DNS Query to a *.gets-it .net Domain (info.rules)
  • 2042291 - ET INFO DYNAMIC_DNS HTTP Request to a *.gets-it .net Domain (info.rules)
  • 2042292 - ET INFO DYNAMIC_DNS Query to a *.saves-the-whales .com Domain (info.rules)
  • 2042293 - ET INFO DYNAMIC_DNS HTTP Request to a *.saves-the-whales .com Domain (info.rules)
  • 2042294 - ET INFO DYNAMIC_DNS Query to a *.is-a-soxfan .org Domain (info.rules)
  • 2042295 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-soxfan .org Domain (info.rules)
  • 2042296 - ET INFO DYNAMIC_DNS Query to a *.is-a-designer .com Domain (info.rules)
  • 2042297 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-designer .com Domain (info.rules)
  • 2042298 - ET INFO DYNAMIC_DNS Query to a *.podzone .net Domain (info.rules)
  • 2042299 - ET INFO DYNAMIC_DNS HTTP Request to a *.podzone .net Domain (info.rules)
  • 2042300 - ET INFO DYNAMIC_DNS Query to a *.from-vt .com Domain (info.rules)
  • 2042301 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-vt .com Domain (info.rules)
  • 2042302 - ET INFO DYNAMIC_DNS Query to a *.webhop .info Domain (info.rules)
  • 2042303 - ET INFO DYNAMIC_DNS HTTP Request to a *.webhop .info Domain (info.rules)
  • 2042304 - ET INFO DYNAMIC_DNS Query to a *.for-better .biz Domain (info.rules)
  • 2042305 - ET INFO DYNAMIC_DNS HTTP Request to a *.for-better .biz Domain (info.rules)
  • 2042306 - ET INFO DYNAMIC_DNS Query to a *.dvrdns .org Domain (info.rules)
  • 2042307 - ET INFO DYNAMIC_DNS HTTP Request to a *.dvrdns .org Domain (info.rules)
  • 2042308 - ET INFO DYNAMIC_DNS Query to a *.space-to-rent .com Domain (info.rules)
  • 2042309 - ET INFO DYNAMIC_DNS HTTP Request to a *.space-to-rent .com Domain (info.rules)
  • 2042310 - ET INFO DYNAMIC_DNS Query to a *.neat-url .com Domain (info.rules)
  • 2042311 - ET INFO DYNAMIC_DNS HTTP Request to a *.neat-url .com Domain (info.rules)
  • 2042312 - ET INFO DYNAMIC_DNS Query to a *.is-a-conservative .com Domain (info.rules)
  • 2042313 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-conservative .com Domain (info.rules)
  • 2042314 - ET INFO DYNAMIC_DNS Query to a *.is-a-patsfan .org Domain (info.rules)
  • 2042315 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-patsfan .org Domain (info.rules)
  • 2042316 - ET INFO DYNAMIC_DNS Query to a *.ftpaccess .cc Domain (info.rules)
  • 2042317 - ET INFO DYNAMIC_DNS HTTP Request to a *.ftpaccess .cc Domain (info.rules)
  • 2042318 - ET INFO DYNAMIC_DNS Query to a *.from-mt .com Domain (info.rules)
  • 2042319 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-mt .com Domain (info.rules)
  • 2042320 - ET INFO DYNAMIC_DNS Query to a *.dyndns-ip .com Domain (info.rules)
  • 2042321 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-ip .com Domain (info.rules)
  • 2042322 - ET INFO DYNAMIC_DNS Query to a *.dyndns-at-work .com Domain (info.rules)
  • 2042323 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-at-work .com Domain (info.rules)
  • 2042324 - ET INFO DYNAMIC_DNS Query to a *.is-a-republican .com Domain (info.rules)
  • 2042325 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-republican .com Domain (info.rules)
  • 2042326 - ET INFO DYNAMIC_DNS Query to a *.from-mn .com Domain (info.rules)
  • 2042327 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-mn .com Domain (info.rules)
  • 2042328 - ET INFO DYNAMIC_DNS Query to a *.is-a-democrat .com Domain (info.rules)
  • 2042329 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-democrat .com Domain (info.rules)
  • 2042330 - ET INFO DYNAMIC_DNS Query to a *.shacknet .us Domain (info.rules)
  • 2042331 - ET INFO DYNAMIC_DNS HTTP Request to a *.shacknet .us Domain (info.rules)
  • 2042332 - ET INFO DYNAMIC_DNS Query to a *.from-md .com Domain (info.rules)
  • 2042333 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-md .com Domain (info.rules)
  • 2042334 - ET INFO DYNAMIC_DNS Query to a *.dnsalias .net Domain (info.rules)
  • 2042335 - ET INFO DYNAMIC_DNS HTTP Request to a *.dnsalias .net Domain (info.rules)
  • 2042336 - ET INFO DYNAMIC_DNS Query to a *.dontexist .com Domain (info.rules)
  • 2042337 - ET INFO DYNAMIC_DNS HTTP Request to a *.dontexist .com Domain (info.rules)
  • 2042338 - ET INFO DYNAMIC_DNS Query to a *.dyn-o-saur .com Domain (info.rules)
  • 2042339 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyn-o-saur .com Domain (info.rules)
  • 2042340 - ET INFO DYNAMIC_DNS Query to a *.is-into-anime .com Domain (info.rules)
  • 2042341 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-into-anime .com Domain (info.rules)
  • 2042342 - ET INFO DYNAMIC_DNS Query to a *.from-mi .com Domain (info.rules)
  • 2042343 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-mi .com Domain (info.rules)
  • 2042344 - ET INFO DYNAMIC_DNS Query to a *.is-an-engineer .com Domain (info.rules)
  • 2042345 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-an-engineer .com Domain (info.rules)
  • 2042346 - ET INFO DYNAMIC_DNS Query to a *.mypets .ws Domain (info.rules)
  • 2042347 - ET INFO DYNAMIC_DNS HTTP Request to a *.mypets .ws Domain (info.rules)
  • 2042348 - ET INFO DYNAMIC_DNS Query to a *.is-a-personaltrainer .com Domain (info.rules)
  • 2042349 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-personaltrainer .com Domain (info.rules)
  • 2042350 - ET INFO DYNAMIC_DNS Query to a *.dnsdojo .net Domain (info.rules)
  • 2042351 - ET INFO DYNAMIC_DNS HTTP Request to a *.dnsdojo .net Domain (info.rules)
  • 2042352 - ET INFO DYNAMIC_DNS Query to a *.from-ia .com Domain (info.rules)
  • 2042353 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ia .com Domain (info.rules)
  • 2042354 - ET INFO DYNAMIC_DNS Query to a *.is-a-hunter .com Domain (info.rules)
  • 2042355 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-hunter .com Domain (info.rules)
  • 2042356 - ET INFO DYNAMIC_DNS Query to a *.is-a-cpa .com Domain (info.rules)
  • 2042357 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-cpa .com Domain (info.rules)
  • 2042358 - ET INFO DYNAMIC_DNS Query to a *.from-ar .com Domain (info.rules)
  • 2042359 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ar .com Domain (info.rules)
  • 2042360 - ET INFO DYNAMIC_DNS Query to a *.dontexist .org Domain (info.rules)
  • 2042361 - ET INFO DYNAMIC_DNS HTTP Request to a *.dontexist .org Domain (info.rules)
  • 2042362 - ET INFO DYNAMIC_DNS Query to a *.hobby-site .com Domain (info.rules)
  • 2042363 - ET INFO DYNAMIC_DNS HTTP Request to a *.hobby-site .com Domain (info.rules)
  • 2042364 - ET INFO DYNAMIC_DNS Query to a *.from-or .com Domain (info.rules)
  • 2042365 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-or .com Domain (info.rules)
  • 2042366 - ET INFO DYNAMIC_DNS Query to a *.is-a-candidate .org Domain (info.rules)
  • 2042367 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-candidate .org Domain (info.rules)
  • 2042368 - ET INFO DYNAMIC_DNS Query to a *.is-a-player .com Domain (info.rules)
  • 2042369 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-player .com Domain (info.rules)
  • 2042370 - ET INFO DYNAMIC_DNS Query to a *.homeunix .net Domain (info.rules)
  • 2042371 - ET INFO DYNAMIC_DNS HTTP Request to a *.homeunix .net Domain (info.rules)
  • 2042372 - ET INFO DYNAMIC_DNS Query to a *.is-a-knight .org Domain (info.rules)
  • 2042373 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-knight .org Domain (info.rules)
  • 2042374 - ET INFO DYNAMIC_DNS Query to a *.thruhere .net Domain (info.rules)
  • 2042375 - ET INFO DYNAMIC_DNS HTTP Request to a *.thruhere .net Domain (info.rules)
  • 2042376 - ET INFO DYNAMIC_DNS Query to a *.from-wy .com Domain (info.rules)
  • 2042377 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-wy .com Domain (info.rules)
  • 2042378 - ET INFO DYNAMIC_DNS Query to a *.gotdns .com Domain (info.rules)
  • 2042379 - ET INFO DYNAMIC_DNS HTTP Request to a *.gotdns .com Domain (info.rules)
  • 2042380 - ET INFO DYNAMIC_DNS Query to a *.from-ky .com Domain (info.rules)
  • 2042381 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ky .com Domain (info.rules)
  • 2042382 - ET INFO DYNAMIC_DNS Query to a *.is-a-caterer .com Domain (info.rules)
  • 2042383 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-caterer .com Domain (info.rules)
  • 2042384 - ET INFO DYNAMIC_DNS Query to a *.is-a-geek .org Domain (info.rules)
  • 2042385 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-geek .org Domain (info.rules)
  • 2042386 - ET INFO DYNAMIC_DNS Query to a *.in-the-band .net Domain (info.rules)
  • 2042387 - ET INFO DYNAMIC_DNS HTTP Request to a *.in-the-band .net Domain (info.rules)
  • 2042388 - ET INFO DYNAMIC_DNS Query to a *.blogsite .org Domain (info.rules)
  • 2042389 - ET INFO DYNAMIC_DNS HTTP Request to a *.blogsite .org Domain (info.rules)
  • 2042390 - ET INFO DYNAMIC_DNS Query to a *.dyndns-home .com Domain (info.rules)
  • 2042391 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-home .com Domain (info.rules)
  • 2042392 - ET INFO DYNAMIC_DNS Query to a *.is-a-geek .net Domain (info.rules)
  • 2042393 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-geek .net Domain (info.rules)
  • 2042394 - ET INFO DYNAMIC_DNS Query to a *.is-a-linux-user .org Domain (info.rules)
  • 2042395 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-linux-user .org Domain (info.rules)
  • 2042396 - ET INFO DYNAMIC_DNS Query to a *.is-a-bookkeeper .com Domain (info.rules)
  • 2042397 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-bookkeeper .com Domain (info.rules)
  • 2042398 - ET INFO DYNAMIC_DNS Query to a *.from-pa .com Domain (info.rules)
  • 2042399 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-pa .com Domain (info.rules)
  • 2042400 - ET INFO DYNAMIC_DNS Query to a *.from-sc .com Domain (info.rules)
  • 2042401 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-sc .com Domain (info.rules)
  • 2042402 - ET INFO DYNAMIC_DNS Query to a *.is-a-painter .com Domain (info.rules)
  • 2042403 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-painter .com Domain (info.rules)
  • 2042404 - ET INFO DYNAMIC_DNS Query to a *.from-ca .com Domain (info.rules)
  • 2042405 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ca .com Domain (info.rules)
  • 2042406 - ET INFO DYNAMIC_DNS Query to a *.from-ms .com Domain (info.rules)
  • 2042407 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ms .com Domain (info.rules)
  • 2042408 - ET INFO DYNAMIC_DNS Query to a *.is-not-certified .com Domain (info.rules)
  • 2042409 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-not-certified .com Domain (info.rules)
  • 2042410 - ET INFO DYNAMIC_DNS Query to a *.is-uberleet .com Domain (info.rules)
  • 2042411 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-uberleet .com Domain (info.rules)
  • 2042412 - ET INFO DYNAMIC_DNS Query to a *.misconfused .org Domain (info.rules)
  • 2042413 - ET INFO DYNAMIC_DNS HTTP Request to a *.misconfused .org Domain (info.rules)
  • 2042414 - ET INFO DYNAMIC_DNS Query to a *.is-a-lawyer .com Domain (info.rules)
  • 2042415 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-lawyer .com Domain (info.rules)
  • 2042416 - ET INFO DYNAMIC_DNS Query to a *.sells-for-u .com Domain (info.rules)
  • 2042417 - ET INFO DYNAMIC_DNS HTTP Request to a *.sells-for-u .com Domain (info.rules)
  • 2042418 - ET INFO DYNAMIC_DNS Query to a *.homedns .org Domain (info.rules)
  • 2042419 - ET INFO DYNAMIC_DNS HTTP Request to a *.homedns .org Domain (info.rules)
  • 2042420 - ET INFO DYNAMIC_DNS Query to a *.homeftp .org Domain (info.rules)
  • 2042421 - ET INFO DYNAMIC_DNS HTTP Request to a *.homeftp .org Domain (info.rules)
  • 2042422 - ET INFO DYNAMIC_DNS Query to a *.forgot .her .name Domain (info.rules)
  • 2042423 - ET INFO DYNAMIC_DNS HTTP Request to a *.forgot .her .name Domain (info.rules)
  • 2042424 - ET INFO DYNAMIC_DNS Query to a *.is-a-cubicle-slave .com Domain (info.rules)
  • 2042425 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-cubicle-slave .com Domain (info.rules)
  • 2042426 - ET INFO DYNAMIC_DNS Query to a *.is-a-teacher .com Domain (info.rules)
  • 2042427 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-teacher .com Domain (info.rules)
  • 2042428 - ET INFO DYNAMIC_DNS Query to a *.from-mo .com Domain (info.rules)
  • 2042429 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-mo .com Domain (info.rules)
  • 2042430 - ET INFO DYNAMIC_DNS Query to a *.dnsalias .org Domain (info.rules)
  • 2042431 - ET INFO DYNAMIC_DNS HTTP Request to a *.dnsalias .org Domain (info.rules)
  • 2042432 - ET INFO DYNAMIC_DNS Query to a *.from-de .com Domain (info.rules)
  • 2042433 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-de .com Domain (info.rules)
  • 2042434 - ET INFO DYNAMIC_DNS Query to a *.remotecam .nu Domain (info.rules)
  • 2042435 - ET INFO DYNAMIC_DNS HTTP Request to a *.remotecam .nu Domain (info.rules)
  • 2042436 - ET INFO DYNAMIC_DNS Query to a *.is-a-landscaper .com Domain (info.rules)
  • 2042437 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-landscaper .com Domain (info.rules)
  • 2042438 - ET INFO DYNAMIC_DNS Query to a *.ham-radio-op .net Domain (info.rules)
  • 2042439 - ET INFO DYNAMIC_DNS HTTP Request to a *.ham-radio-op .net Domain (info.rules)
  • 2042440 - ET INFO DYNAMIC_DNS Query to a *.go .dyndns .org Domain (info.rules)
  • 2042441 - ET INFO DYNAMIC_DNS HTTP Request to a *.go .dyndns .org Domain (info.rules)
  • 2042442 - ET INFO DYNAMIC_DNS Query to a *.blogdns .net Domain (info.rules)
  • 2042443 - ET INFO DYNAMIC_DNS HTTP Request to a *.blogdns .net Domain (info.rules)
  • 2042444 - ET INFO DYNAMIC_DNS Query to a *.is-a-llama .com Domain (info.rules)
  • 2042445 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-llama .com Domain (info.rules)
  • 2042446 - ET INFO DYNAMIC_DNS Query to a *.writesthisblog .com Domain (info.rules)
  • 2042447 - ET INFO DYNAMIC_DNS HTTP Request to a *.writesthisblog .com Domain (info.rules)
  • 2042448 - ET INFO DYNAMIC_DNS Query to a *.isteingeek .de Domain (info.rules)
  • 2042449 - ET INFO DYNAMIC_DNS HTTP Request to a *.isteingeek .de Domain (info.rules)
  • 2042450 - ET INFO DYNAMIC_DNS HTTP Request to a *.ath .cx Domain (info.rules)
  • 2042451 - ET INFO DYNAMIC_DNS Query to a *.endoftheinternet .org Domain (info.rules)
  • 2042452 - ET INFO DYNAMIC_DNS HTTP Request to a *.endoftheinternet .org Domain (info.rules)
  • 2042453 - ET INFO DYNAMIC_DNS Query to a *.is-into-cartoons .com Domain (info.rules)
  • 2042454 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-into-cartoons .com Domain (info.rules)
  • 2042455 - ET INFO DYNAMIC_DNS Query to a *.is-a-musician .com Domain (info.rules)
  • 2042456 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-musician .com Domain (info.rules)
  • 2042457 - ET INFO DYNAMIC_DNS Query to a *.isa-geek .net Domain (info.rules)
  • 2042458 - ET INFO DYNAMIC_DNS HTTP Request to a *.isa-geek .net Domain (info.rules)
  • 2042459 - ET INFO DYNAMIC_DNS Query to a *.from-ok .com Domain (info.rules)
  • 2042460 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ok .com Domain (info.rules)
  • 2042461 - ET INFO DYNAMIC_DNS Query to a *.knowsitall .info Domain (info.rules)
  • 2042462 - ET INFO DYNAMIC_DNS HTTP Request to a *.knowsitall .info Domain (info.rules)
  • 2042463 - ET INFO DYNAMIC_DNS Query to a *.merseine .org Domain (info.rules)
  • 2042464 - ET INFO DYNAMIC_DNS HTTP Request to a *.merseine .org Domain (info.rules)
  • 2042465 - ET INFO DYNAMIC_DNS Query to a *.from-tn .com Domain (info.rules)
  • 2042466 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-tn .com Domain (info.rules)
  • 2042467 - ET INFO DYNAMIC_DNS Query to a *.for-some .biz Domain (info.rules)
  • 2042468 - ET INFO DYNAMIC_DNS HTTP Request to a *.for-some .biz Domain (info.rules)
  • 2042469 - ET INFO DYNAMIC_DNS Query to a *.dyndns-work .com Domain (info.rules)
  • 2042470 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-work .com Domain (info.rules)
  • 2042471 - ET INFO DYNAMIC_DNS Query to a *.game-host .org Domain (info.rules)
  • 2042472 - ET INFO DYNAMIC_DNS HTTP Request to a *.game-host .org Domain (info.rules)
  • 2042473 - ET INFO DYNAMIC_DNS Query to a *.hobby-site .org Domain (info.rules)
  • 2042474 - ET INFO DYNAMIC_DNS HTTP Request to a *.hobby-site .org Domain (info.rules)
  • 2042475 - ET INFO DYNAMIC_DNS Query to a *.dyndns .ws Domain (info.rules)
  • 2042476 - ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns .ws Domain (info.rules)
  • 2042477 - ET INFO DYNAMIC_DNS Query to a *.is-a-techie .com Domain (info.rules)
  • 2042478 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-techie .com Domain (info.rules)
  • 2042479 - ET INFO DYNAMIC_DNS Query to a *.is-very-evil .org Domain (info.rules)
  • 2042480 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-very-evil .org Domain (info.rules)
  • 2042481 - ET INFO DYNAMIC_DNS Query to a *.is-a-chef .net Domain (info.rules)
  • 2042482 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-chef .net Domain (info.rules)
  • 2042483 - ET INFO DYNAMIC_DNS Query to a *.from-ut .com Domain (info.rules)
  • 2042484 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ut .com Domain (info.rules)
  • 2042485 - ET INFO DYNAMIC_DNS Query to a *.is-found .org Domain (info.rules)
  • 2042486 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-found .org Domain (info.rules)
  • 2042487 - ET INFO DYNAMIC_DNS Query to a *.endofinternet .org Domain (info.rules)
  • 2042488 - ET INFO DYNAMIC_DNS HTTP Request to a *.endofinternet .org Domain (info.rules)
  • 2042489 - ET INFO DYNAMIC_DNS Query to a *.is-a-geek .com Domain (info.rules)
  • 2042490 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-geek .com Domain (info.rules)
  • 2042491 - ET INFO DYNAMIC_DNS Query to a *.is-a-nascarfan .com Domain (info.rules)
  • 2042492 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-a-nascarfan .com Domain (info.rules)
  • 2042493 - ET INFO DYNAMIC_DNS Query to a *.is-very-nice .org Domain (info.rules)
  • 2042494 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-very-nice .org Domain (info.rules)
  • 2042495 - ET INFO DYNAMIC_DNS Query to a *.leitungsen .de Domain (info.rules)
  • 2042496 - ET INFO DYNAMIC_DNS HTTP Request to a *.leitungsen .de Domain (info.rules)
  • 2042497 - ET INFO DYNAMIC_DNS Query to a *.cechire .com Domain (info.rules)
  • 2042498 - ET INFO DYNAMIC_DNS HTTP Request to a *.cechire .com Domain (info.rules)
  • 2042499 - ET INFO DYNAMIC_DNS Query to a *.webhop .net Domain (info.rules)
  • 2042500 - ET INFO DYNAMIC_DNS HTTP Request to a *.webhop .net Domain (info.rules)
  • 2042501 - ET INFO DYNAMIC_DNS Query to a *.from-ga .com Domain (info.rules)
  • 2042502 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ga .com Domain (info.rules)
  • 2042503 - ET INFO DYNAMIC_DNS Query to a *.broke-it .net Domain (info.rules)
  • 2042504 - ET INFO DYNAMIC_DNS HTTP Request to a *.broke-it .net Domain (info.rules)
  • 2042505 - ET INFO DYNAMIC_DNS Query to a *.from-dc .com Domain (info.rules)
  • 2042506 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-dc .com Domain (info.rules)
  • 2042507 - ET INFO DYNAMIC_DNS Query to a *.is-lost .org Domain (info.rules)
  • 2042508 - ET INFO DYNAMIC_DNS HTTP Request to a *.is-lost .org Domain (info.rules)
  • 2042509 - ET INFO DYNAMIC_DNS Query to a *.selfip .com Domain (info.rules)
  • 2042510 - ET INFO DYNAMIC_DNS HTTP Request to a *.selfip .com Domain (info.rules)
  • 2042511 - ET INFO DYNAMIC_DNS Query to a *.from-ak .com Domain (info.rules)
  • 2042512 - ET INFO DYNAMIC_DNS HTTP Request to a *.from-ak .com Domain (info.rules)
  • 2042513 - ET INFO DYNAMIC_DNS Query to a *.mine .nu Domain (info.rules)
  • 2042514 - ET INFO DYNAMIC_DNS HTTP Request to a *.mine .nu Domain (info.rules)
  • 2042515 - ET INFO DYNAMIC_DNS Query to a *.better-than .tv Domain (info.rules)
  • 2042516 - ET INFO DYNAMIC_DNS HTTP Request to a *.better-than .tv Domain (info.rules)
  • 2042517 - ET MALWARE Win32/Eternity Activity (POST) (malware.rules)
  • 2042518 - ET MALWARE Win32/Eternity Ransomware Retrieving Image (GET) (malware.rules)
  • 2042519 - ET HUNTING Suspicious Office Template Style Request (GET) (hunting.rules)
  • 2042520 - ET MALWARE Win32/BlackMagic Ransomware Payload Request (GET) (malware.rules)
  • 2042521 - ET MALWARE Observed BatLoader Domain (cloudsteamview .com) in TLS SNI (malware.rules)
  • 2042522 - ET MALWARE Observed BatLoader Domain (installationupgrade6 .com) in TLS SNI (malware.rules)
  • 2042523 - ET MALWARE Observed BatLoader Domain (installationsoftware1 .com) in TLS SNI (malware.rules)
  • 2042524 - ET MALWARE Observed BatLoader Domain (tableau-cloud .com) in TLS SNI (malware.rules)
  • 2042525 - ET MALWARE Observed BatLoader Domain (internalcheckssso .com) in TLS SNI (malware.rules)
  • 2042526 - ET MALWARE Observed BatLoader Domain (logmeincloudss .com) in TLS SNI (malware.rules)
  • 2042527 - ET MALWARE Observed BatLoader Domain (105105105015 .com) in TLS SNI (malware.rules)
  • 2042528 - ET MALWARE BatLoader CnC Domain (cloudsteamview .com) in DNS Lookup (malware.rules)
  • 2042529 - ET MALWARE BatLoader CnC Domain (installationupgrade6 .com) in DNS Lookup (malware.rules)
  • 2042530 - ET MALWARE BatLoader CnC Domain (installationsoftware1 .com) in DNS Lookup (malware.rules)
  • 2042531 - ET MALWARE BatLoader CnC Domain (tableau-cloud .com) in DNS Lookup (malware.rules)
  • 2042532 - ET MALWARE BatLoader CnC Domain (internalcheckssso .com) in DNS Lookup (malware.rules)
  • 2042533 - ET MALWARE BatLoader CnC Domain (logmeincloudss .com) in DNS Lookup (malware.rules)
  • 2042534 - ET MALWARE BatLoader CnC Domain (105105105015 .com) in DNS Lookup (malware.rules)
  • 2042535 - ET MALWARE Win32/Packed.Themida.AAL Checkin (malware.rules)

Removed rules:

  • 2032083 - ET MALWARE ZHtrap CnC Checkin (malware.rules)
  • 2032084 - ET MALWARE ZHtrap CnC Response - Connection Successfully Established (malware.rules)