Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1:63518
This rule alerts on botnet CNC traffic from Win.Trojan.CarnavalHeist. The indicated endpoint is likely infected.
1:63517
This rule alerts on staged payload downloads from Win.Trojan.CarnavalHeist. The indicated endpoint is likely infected.
1:63516
This rule alerts on staged payload downloads from Win.Trojan.CarnavalHeist. The indicated endpoint is likely infected.
1:63515
This rule alerts on staged payload downloads from Win.Trojan.CarnavalHeist. The indicated endpoint is likely infected.
1:63514
This rule looks for content in a malicious InkLoader executable
1:63513
This rule looks for content in a malicious InkLoader executable