These signatures are based on shellcode that is common ammong multiple
publicly available exploits.
Because these signatures check ALL traffic for shellcode, these signatures
are disabled by default. There is a LARGE performance hit by enabling
these signatures.