TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
602
downloads software updates). The logon.exe process can silently download and execute arbitrary unsigned code from
its controlling FTP server 209.58.80.244.
Signature ID: 28035
Access to MALWARE site PeopleOnPage Vulnerability
Threat Level: Warning
Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.
Malwares are the softwares that pass user's activities to external sites. PeopleonPage is an Internet Explorer sidebar
which claims to show a list of other users of the current site. PeopleOnPage is an adware program (advertising oriented
spyware) that opens advertisements during a user's Internet Explorer browsing session by downloading them from a
server, the PeopleOnPage collects personal information about the user. When a user visits a Web site or sends or
receives email from other POP members, the software collects the information. The software also collects browsing
session information to send back to the company servers,
Signature ID: 28036
Access to MALWARE Bargain Buddy site Vulnerability
Threat Level: Warning
Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.
Malwares are the softwares that pass user's activities to external sites. Bargain Buddy consists of an IE Browser Helper
Object, and a process set to run at startup. BargainBuddy, also known as Acup, adp.exe, Bullseye Network, Ikena,
Bargains, and Bargain Buddy, is advertising-oriented spyware (adware) that downloads and displays new
advertisements in a popup window while browsing the Web. The program has many variants and installs updates
without the victim's knowledge. Microsoft Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT 4.0
and Windows XP are affected by this attack.
Signature ID: 28037
Access to MALWARE BrowserAid site Vulnerability
Threat Level: Warning
Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.
Malwares are the softwares that pass user's activities to external sites. BrowserAid is a family of interrelated Internet
Explorer toolbars and hijackers from browseraid.com, most of which seem to be stealth-installed. BrowserAid redirect
the browsing session to a hidden site to capture address information and other sensitive information. Internet Explorer's
performance may slow as a result of the BrowserAid program. This signature will generate log when the attacker
redirecting by ads.pl, Microsoft Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT 4.0 and
Windows XP are affected by this attack.
Signature ID: 28038
Access to MALWARE BrowserAid site Vulnerability
Threat Level: Warning
Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.
Malwares are the softwares that pass user's activities to external sites. BrowserAid is a family of interrelated Internet
Explorer toolbars and hijackers from browseraid.com, most of which seem to be stealth-installed. BrowserAid may
redirect the browsing session to a hidden site to capture address information and other sensitive information. Internet
Explorer's performance may slow as a result of the BrowserAid program. This signature will generate log when the
attacker redirecting by using uptodate.pl, Microsoft Windows 2000, Windows 95, Windows 98, Windows Me,
Windows NT 4.0 and Windows XP are affected by this attack.