TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
605
entered into forms on search engines. Microsoft Windows 2000, Windows 2003 Server, Windows 95, Windows 98,
Windows Me, Windows NT 4.0 and Windows XP are affected by this attack.
Signature ID: 28049
MALWARE Internet Optimizer site Vulnerability(1)
Threat Level: Information
Signature Description: This rule tries to detect the website which runs the Internet Optimizer malware. The systems are
directed to a site that is capable of installing malwares in the systems. Internet Optimizer is an adware program that
creates advertisements on system. Internet Optimizer can also hijacks user browser error page. It opens pop-up
windows to display ads from its network sites periodically. This signature detects attacks, the attack pattern is
'/io/downloads/' then '/wsi8/optimize'.
Signature ID: 28050
MALWARE Internet Optimizer site Vulnerability(2)
Threat Level: Information
Signature Description: This rule tries to detect the website which runs the Internet Optimizer malware. The systems are
directed to a site that is capable of installing malwares in the systems. Internet Optimizer is an adware program that
creates advertisements on system. Internet Optimizer can also hijacks user browser error page. It opens pop-up
windows to display ads from its network sites periodically. This signature detects attacks /conf/xml/.
Signature ID: 28057
Access to likely MALWARE site for installer Vulnerability(2)
Threat Level: Information
Signature Description: Malware is software designed to damage a computer system without the owner's knowledge or
consent. It includes computer viruses, worms, Trojan horses, and also spyware programming. This rule will trigger
when the attacker can send a request to the 'embratel|viewforhumor|humormenssagem|terra.scr' files. The successful
exploitation of this issue will allow an attacker to crash the system and gain unauthorized information.
Signature ID: 28058
Access to likely MALWARE site for installer Vulnerability(4)
Threat Level: Information
Signature Description: Malware is software designed to damage a computer system without the owner's knowledge or
consent. It includes computer viruses, worms, Trojan horses, and also spyware programming. This rule will trigger
when the attacker can send a request to the
'cartas&cartoes|embratel|cartao|VirtualCards|atualizacaonorton|serasar|CobrancaEmbratel' executable files. The
successful exploitation of this issue will allow an attacker to crash the system and gain unauthorized information.
Signature ID: 28059
Access to likely MALWARE site for installer Vulnerability(5)
Threat Level: Information
Signature Description: Malware is software designed to damage a computer system without the owner's knowledge or
consent. It includes computer viruses, worms, Trojan horses, and also spyware programming. This rule will trigger
when the attacker can send a request to the 'ExtratoTim|FlashFotos|Vacina-
Norton|CartaoIloves|Cobranca|fotos_ineditas' executable files. The successful exploitation of this issue will allow an
attacker to crash the system and gain unauthorized information.