Snort Rules

attempted-user

attempted-admin

rpc-portmap-decode

web-application-activity

misc-activity

misc-attack

trojan-activity

protocol-command-decode

attempted-recon

attempted-dos

policy-violation

web-application-attack

bad-unknown

shellcode-detect

suspicious-filename-detect

successful-admin

successful-recon-limited

unsuccessful-user

denial-of-service

network-scan

string-detect

system-call-detect

unknown

successful-user

"INDICATOR-COMPROMISE successful cross site scripting forced download attempt"

non-standard-protocol

"SERVER-WEBAPP invalid HTTP version string"

« Previous Next »