Group Name
FS_AFS
FTP_DIRNAME
FTP_FORMATSTRING
FTP_GENERAL
FTP_LOGIN
FTP_OVERFLOW
GAME_BOMBERCLONE
GAME_GENERAL
GAME_UNREAL
HTTP_APACHE
HTTP_BADBLUE
HTTP_CGI
HTTP_CISCO
HTTP_GENERAL
HTTP_MICROSOFTIIS
HTTP_OVERFLOWS
HTTP_TOMCAT
ICMP_GENERAL
IGMP_GENERAL
IMAP_GENERAL
IM_AOL
IM_GENERAL
IM_MSN
IM_YAHOO
IP_GENERAL
IP_OVERFLOW
IRC_GENERAL
LDAP_GENERAL
LDAP_OPENLDAP
LICENSE_CA-LICENSE
LICENSE_GENERAL
MALWARE_GENERAL
METASPLOIT_FRAME
METASPLOIT_GENERAL
MISC_GENERAL
MSDTC_GENERAL
MSHELP_GENERAL
NETWARE_GENERAL
NFS_FORMAT
NFS_GENERAL
NNTP_GENERAL
OS_SPECIFIC-AIX
OS_SPECIFIC-GENERAL
OS_SPECIFIC-HPUX
OS_SPECIFIC-LINUX
OS_SPECIFIC-SCO
OS_SPECIFIC-SOLARIS
OS_SPECIFIC-WINDOWS
Intrusion Type
Andrew File System
Directory name attack
Format string attack
FTP protocol and implementation
Login attacks
FTP buffer overflow
Bomberclone game
Generic game servers/clients
UnReal Game server
Apache httpd
Badblue web server
HTTP CGI
Cisco Embedded Web Server
General HTTP activities
HTTP Attacks specific to MS IIS web server
Buffer overflow for HTTP servers
Tomcat JSP
ICMP protocol and implementation
IGMP
IMAP protocol/implementation
AOL IM
Instant Messenger implementations
MSN Messenger
Yahoo Messenger
IP protocol and implementation
Overflow of IP protocol/implementation
Internet Relay Chat
General LDAP clients/servers
Open LDAP
License management for CA software
General License Manager
Malware attack
Metasploit frame attack
Metasploit general attack
General attack
MS DTC
Microsoft Windows Help
NetWare Core Protocol
Format
NFS protocol/implementation
NNTP implementation/protocol
AIX specific
OS general
HP-UX related
Linux specific
SCO specific
Solaris specific
Windows specific
885
Appendix B: IDP Signature Groups