[prev in list] [next in list] [prev in thread] [next in thread]
List: emerging-sigs
Subject: Re: [Emerging-Sigs] ET CURRENT_EVENTS Redkit Jar Naming
From: abhinav singh <abhinavbom () gmail ! com>
Date: 2015-06-17 1:28:58
Message-ID: CAC14vehrVcK2_fQKm1MNNtM5azzN7FT0sjucMpkiDh=ixrLaEg () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
I guess its long dead.
Regards
Abhinav singh
On Tue, Jun 16, 2015 at 5:39 AM, <
emerging-sigs-request@lists.emergingthreats.net> wrote:
> Send Emerging-sigs mailing list submissions to
> emerging-sigs@lists.emergingthreats.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> or, via email, send a message with subject or body 'help' to
> emerging-sigs-request@lists.emergingthreats.net
>
> You can reach the person managing the list at
> emerging-sigs-owner@lists.emergingthreats.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Emerging-sigs digest..."
>
>
> Today's Topics:
>
> 1. Re: ET CURRENT_EVENTS Redkit Jar Naming Pattern March 03 2013
> (1:2016588) (Joel Esler (jesler))
> 2. Re: ET CURRENT_EVENTS Redkit Jar Naming Pattern March 03 2013
> (1:2016588) (Will Metcalf)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 15 Jun 2015 21:36:34 +0000
> From: "Joel Esler (jesler)" <jesler@cisco.com>
> To: "Rodgers, Anthony (DTMB)" <RodgersA1@michigan.gov>
> Cc: "emerging-sigs@lists.emergingthreats.net"
> <emerging-sigs@lists.emergingthreats.net>
> Subject: Re: [Emerging-Sigs] ET CURRENT_EVENTS Redkit Jar Naming
> Pattern March 03 2013 (1:2016588)
> Message-ID: <65953063-C028-4CB6-A236-77CE54EF923E@cisco.com>
> Content-Type: text/plain; charset="utf-8"
>
> I haven?t seen Redkit in awhile. Anyone?
>
> On Jun 13, 2015, at 9:42 AM, Rodgers, Anthony (DTMB) <
> RodgersA1@michigan.gov<mailto:RodgersA1@michigan.gov>> wrote:
>
> May I suggest a negation for chessproblems.com<http://chessproblems.com/>?
> The associated .jar file comes up as ?safe to use? in VirusTotal.
>
> GET /cp.jar HTTP/1.1
> content-type: application/x-java-archive
> accept-encoding: pack200-gzip,gzip
> Host: www.chessproblems.com<http://www.chessproblems.com/>
> Cache-Control: no-cache
> Pragma: no-cache
> User-Agent: Mozilla/4.0 (Windows Vista 6.1) Java/1.6.0_02
> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
> Connection: keep-alive
> If-Modified-Since: Wed, 30 Nov 2011 01:24:23 GMT
>
> --
> Anthony Rodgers
> Security Analyst
> Michigan Security Operations Center (MiSOC)
> DTMB, Michigan Cyber Security
> (517) 241-8957 ? Desk Phone
> (517) 335-1722 ? MiSOC Central Number
> (517) 373-8955 ? MiSOC Fax
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs@lists.emergingthreats.net<mailto:
> Emerging-sigs@lists.emergingthreats.net>
> https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
> Support Emerging Threats! Subscribe to Emerging Threats Pro
> http://www.emergingthreats.net<http://www.emergingthreats.net/>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/f74e7172/attachment-0001.html
>
> >
>
> ------------------------------
>
> Message: 2
> Date: Mon, 15 Jun 2015 16:39:37 -0500
> From: Will Metcalf <wmetcalf@emergingthreatspro.com>
> To: "Joel Esler (jesler)" <jesler@cisco.com>
> Cc: "emerging-sigs@lists.emergingthreats.net"
> <emerging-sigs@lists.emergingthreats.net>
> Subject: Re: [Emerging-Sigs] ET CURRENT_EVENTS Redkit Jar Naming
> Pattern March 03 2013 (1:2016588)
> Message-ID:
> <CAKrkXrOe1YiwZeBN+OQogc9wogSXd8V=
> SQShcWJgDMP8EofRQQ@mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Nope...
>
> On Mon, Jun 15, 2015 at 4:36 PM, Joel Esler (jesler) <jesler@cisco.com>
> wrote:
>
> > I haven?t seen Redkit in awhile. Anyone?
> >
> > On Jun 13, 2015, at 9:42 AM, Rodgers, Anthony (DTMB) <
> > RodgersA1@michigan.gov> wrote:
> >
> > May I suggest a negation for chessproblems.com? The associated .jar
> > file comes up as ?safe to use? in VirusTotal.
> >
> > GET /cp.jar HTTP/1.1
> > content-type: application/x-java-archive
> > accept-encoding: pack200-gzip,gzip
> > Host: www.chessproblems.com
> > Cache-Control: no-cache
> > Pragma: no-cache
> > User-Agent: Mozilla/4.0 (Windows Vista 6.1) Java/1.6.0_02
> > Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
> > Connection: keep-alive
> > If-Modified-Since: Wed, 30 Nov 2011 01:24:23 GMT
> >
> > --
> > Anthony Rodgers
> > Security Analyst
> > Michigan Security Operations Center (MiSOC)
> > DTMB, Michigan Cyber Security
> > (517) 241-8957 ? Desk Phone
> > (517) 335-1722 ? MiSOC Central Number
> > (517) 373-8955 ? MiSOC Fax
> >
> > _______________________________________________
> > Emerging-sigs mailing list
> > Emerging-sigs@lists.emergingthreats.net
> > https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> >
> > Support Emerging Threats! Subscribe to Emerging Threats Pro
> > http://www.emergingthreats.net
> >
> >
> >
> > _______________________________________________
> > Emerging-sigs mailing list
> > Emerging-sigs@lists.emergingthreats.net
> > https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> >
> > Support Emerging Threats! Subscribe to Emerging Threats Pro
> > http://www.emergingthreats.net
> >
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/38f506b9/attachment.html
>
> >
>
> ------------------------------
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs@lists.emergingthreats.net
> https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
>
> End of Emerging-sigs Digest, Vol 91, Issue 26
> *********************************************
>
--
Thanks & Regards
Abhinav singh
[Attachment #5 (text/html)]
<div dir="ltr">I guess its long dead. <div><br></div><div>Regards</div><div>Abhinav \
singh<br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jun 16, 2015 \
at 5:39 AM, <span dir="ltr"><<a \
href="mailto:emerging-sigs-request@lists.emergingthreats.net" \
target="_blank">emerging-sigs-request@lists.emergingthreats.net</a>></span> \
wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex">Send Emerging-sigs mailing list \
submissions to<br>
<a href="mailto:emerging-sigs@lists.emergingthreats.net">emerging-sigs@lists.emergingthreats.net</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs" \
rel="noreferrer" target="_blank">https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:emerging-sigs-request@lists.emergingthreats.net">emerging-sigs-request@lists.emergingthreats.net</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:emerging-sigs-owner@lists.emergingthreats.net">emerging-sigs-owner@lists.emergingthreats.net</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of Emerging-sigs digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: ET CURRENT_EVENTS Redkit Jar Naming Pattern March 03 2013<br>
(1:2016588) (Joel Esler (jesler))<br>
2. Re: ET CURRENT_EVENTS Redkit Jar Naming Pattern March 03 2013<br>
(1:2016588) (Will Metcalf)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Mon, 15 Jun 2015 21:36:34 +0000<br>
From: "Joel Esler (jesler)" <<a \
href="mailto:jesler@cisco.com">jesler@cisco.com</a>><br>
To: "Rodgers, Anthony (DTMB)" <<a \
href="mailto:RodgersA1@michigan.gov">RodgersA1@michigan.gov</a>><br>
Cc: "<a href="mailto:emerging-sigs@lists.emergingthreats.net">emerging-sigs@lists.emergingthreats.net</a>"<br>
<<a href="mailto:emerging-sigs@lists.emergingthreats.net">emerging-sigs@lists.emergingthreats.net</a>><br>
Subject: Re: [Emerging-Sigs] ET CURRENT_EVENTS Redkit Jar Naming<br>
Pattern March 03 2013 (1:2016588)<br>
Message-ID: <<a href="mailto:65953063-C028-4CB6-A236-77CE54EF923E@cisco.com">65953063-C028-4CB6-A236-77CE54EF923E@cisco.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
I haven?t seen Redkit in awhile. Anyone?<br>
<br>
On Jun 13, 2015, at 9:42 AM, Rodgers, Anthony (DTMB) <<a \
href="mailto:RodgersA1@michigan.gov">RodgersA1@michigan.gov</a><mailto:<a \
href="mailto:RodgersA1@michigan.gov">RodgersA1@michigan.gov</a>>> wrote:<br> \
<br> May I suggest a negation for <a href="http://chessproblems.com" rel="noreferrer" \
target="_blank">chessproblems.com</a><<a href="http://chessproblems.com/" \
rel="noreferrer" target="_blank">http://chessproblems.com/</a>>? The associated \
.jar file comes up as ?safe to use? in VirusTotal.<br> <br>
GET /cp.jar HTTP/1.1<br>
content-type: application/x-java-archive<br>
accept-encoding: pack200-gzip,gzip<br>
Host: <a href="http://www.chessproblems.com" rel="noreferrer" \
target="_blank">www.chessproblems.com</a><<a href="http://www.chessproblems.com/" \
rel="noreferrer" \
target="_blank">http://www.chessproblems.com/</a>><br>
Cache-Control: no-cache<br>
Pragma: no-cache<br>
User-Agent: Mozilla/4.0 (Windows Vista 6.1) Java/1.6.0_02<br>
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2<br>
Connection: keep-alive<br>
If-Modified-Since: Wed, 30 Nov 2011 01:24:23 GMT<br>
<br>
--<br>
Anthony Rodgers<br>
Security Analyst<br>
Michigan Security Operations Center (MiSOC)<br>
DTMB, Michigan Cyber Security<br>
(517) 241-8957 ? Desk Phone<br>
(517) 335-1722 ? MiSOC Central Number<br>
(517) 373-8955 ? MiSOC Fax<br>
<br>
_______________________________________________<br>
Emerging-sigs mailing list<br>
<a href="mailto:Emerging-sigs@lists.emergingthreats.net">Emerging-sigs@lists.emergingthreats.net</a><mailto:<a \
href="mailto:Emerging-sigs@lists.emergingthreats.net">Emerging-sigs@lists.emergingthreats.net</a>><br>
<a href="https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs" \
rel="noreferrer" target="_blank">https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs</a><br>
<br>
Support Emerging Threats! Subscribe to Emerging Threats Pro <a \
href="http://www.emergingthreats.net" rel="noreferrer" \
target="_blank">http://www.emergingthreats.net</a><<a \
href="http://www.emergingthreats.net/" rel="noreferrer" \
target="_blank">http://www.emergingthreats.net/</a>><br> <br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/f74e7172/attachment-0001.html" \
rel="noreferrer" target="_blank">http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/f74e7172/attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Mon, 15 Jun 2015 16:39:37 -0500<br>
From: Will Metcalf <<a \
href="mailto:wmetcalf@emergingthreatspro.com">wmetcalf@emergingthreatspro.com</a>><br>
To: "Joel Esler (jesler)" <<a \
href="mailto:jesler@cisco.com">jesler@cisco.com</a>><br>
Cc: "<a href="mailto:emerging-sigs@lists.emergingthreats.net">emerging-sigs@lists.emergingthreats.net</a>"<br>
<<a href="mailto:emerging-sigs@lists.emergingthreats.net">emerging-sigs@lists.emergingthreats.net</a>><br>
Subject: Re: [Emerging-Sigs] ET CURRENT_EVENTS Redkit Jar Naming<br>
Pattern March 03 2013 (1:2016588)<br>
Message-ID:<br>
<CAKrkXrOe1YiwZeBN+OQogc9wogSXd8V=<a \
href="mailto:SQShcWJgDMP8EofRQQ@mail.gmail.com">SQShcWJgDMP8EofRQQ@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Nope...<br>
<br>
On Mon, Jun 15, 2015 at 4:36 PM, Joel Esler (jesler) <<a \
href="mailto:jesler@cisco.com">jesler@cisco.com</a>><br> wrote:<br>
<br>
> I haven?t seen Redkit in awhile. Anyone?<br>
><br>
> On Jun 13, 2015, at 9:42 AM, Rodgers, Anthony (DTMB) <<br>
> <a href="mailto:RodgersA1@michigan.gov">RodgersA1@michigan.gov</a>> \
wrote:<br> ><br>
> May I suggest a negation for <a href="http://chessproblems.com" \
rel="noreferrer" target="_blank">chessproblems.com</a>? The associated .jar<br> > \
file comes up as ?safe to use? in VirusTotal.<br> ><br>
> GET /cp.jar HTTP/1.1<br>
> content-type: application/x-java-archive<br>
> accept-encoding: pack200-gzip,gzip<br>
> Host: <a href="http://www.chessproblems.com" rel="noreferrer" \
target="_blank">www.chessproblems.com</a><br> > Cache-Control: no-cache<br>
> Pragma: no-cache<br>
> User-Agent: Mozilla/4.0 (Windows Vista 6.1) Java/1.6.0_02<br>
> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2<br>
> Connection: keep-alive<br>
> If-Modified-Since: Wed, 30 Nov 2011 01:24:23 GMT<br>
><br>
> --<br>
> Anthony Rodgers<br>
> Security Analyst<br>
> Michigan Security Operations Center (MiSOC)<br>
> DTMB, Michigan Cyber Security<br>
> (517) 241-8957 ? Desk Phone<br>
> (517) 335-1722 ? MiSOC Central Number<br>
> (517) 373-8955 ? MiSOC Fax<br>
><br>
> _______________________________________________<br>
> Emerging-sigs mailing list<br>
> <a href="mailto:Emerging-sigs@lists.emergingthreats.net">Emerging-sigs@lists.emergingthreats.net</a><br>
> <a href="https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs" \
rel="noreferrer" target="_blank">https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs</a><br>
><br>
> Support Emerging Threats! Subscribe to Emerging Threats Pro<br>
> <a href="http://www.emergingthreats.net" rel="noreferrer" \
target="_blank">http://www.emergingthreats.net</a><br> ><br>
><br>
><br>
> _______________________________________________<br>
> Emerging-sigs mailing list<br>
> <a href="mailto:Emerging-sigs@lists.emergingthreats.net">Emerging-sigs@lists.emergingthreats.net</a><br>
> <a href="https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs" \
rel="noreferrer" target="_blank">https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs</a><br>
><br>
> Support Emerging Threats! Subscribe to Emerging Threats Pro<br>
> <a href="http://www.emergingthreats.net" rel="noreferrer" \
target="_blank">http://www.emergingthreats.net</a><br> ><br>
><br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/38f506b9/attachment.html" \
rel="noreferrer" target="_blank">http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20150615/38f506b9/attachment.html</a>><br>
<br>
------------------------------<br>
<br>
_______________________________________________<br>
Emerging-sigs mailing list<br>
<a href="mailto:Emerging-sigs@lists.emergingthreats.net">Emerging-sigs@lists.emergingthreats.net</a><br>
<a href="https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs" \
rel="noreferrer" target="_blank">https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs</a><br>
<br>
<br>
End of Emerging-sigs Digest, Vol 91, Issue 26<br>
*********************************************<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature"><div dir="ltr"><div>Thanks & Regards<br></div>Abhinav \
singh<br></div></div> </div></div></div>
_______________________________________________
Emerging-sigs mailing list
Emerging-sigs@lists.emergingthreats.net
https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreats.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic