Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-57253
This rule is looking for post-authentication file write attempts using the Microsoft Exchange server Set-OabVirtualDirectory commands.
1-57252
This rule is looking for post-authentication file write attempts using the Microsoft Exchange server Set-OabVirtualDirectory commands.
1-57251
This rule detects a request that leak a cert file which results in a CSRF token to be generated. The CSRF token then can be used to escalate privileges to an administrative account
1-57248
This rule is looking for a tell-tale string that identifies a malicious Windows binary as ColdChristmas ransomware.
1-57247
This rule is looking for a tell-tale string that identifies a malicious Windows binary as ColdChristmas ransomware.
1-57246
This rule detects an arbitrary file write attempt against vulnerable versions of Microsoft Exchange Server by looking for specific information supplied to a vulnerable cookie parameter.