GEN:SID 1:1390
Message SHELLCODE x86 inc ebx NOOP
Summary This event is generated when an attempt is made to execute shellcode on
a host in the protected network from a source external to that network.
Impact This set of instructions can be used as a NOOP to pad buffers on an x86
architecture machines.
Detailed Information This is the x86 opcode for 'inc ebx'.  This can be used as a NOOP in an
x86 architecture, however as with all shellcode rules, this can cause
false positives.  Check to see if you are ignoring shellcode rules on
web ports, as this will reduce false positives.
Affected Systems  
Attack Scenarios An attacker can pad buffers with this opcode, in an attempt to overflow
the buffer.
Ease of Attack This is a generic rule designed to pick up this opcode in use.
Corrective Action none known
Additional References CansecWest:
http://cansecwest.com/noplist-v1-1.txt