Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-60618
This rule looks for a malicious mmap on ARM that targets an overflow.
1-60617
This rule looks for a malicious mmap on ARM that targets an overflow.
1-60616
This looks for a malicious x86 syscall that can be used to elevate privilege on Linux kernel 3 instances. This perf event syscall suffers from an incorrectly typed value that can lead to memory corruption.
1-60615
This looks for a malicious x86 syscall that can be used to elevate privilege on Linux kernel 3 instances. This perf event syscall suffers from an incorrectly typed value that can lead to memory corruption.
1-60614
This rule is triggered when a malicious actor uses methods and directories associated with exploitation of CVE-2019-0841, CVE-2019-1064, CVE-2019-1129 and / or CVE-2019-1130.
1-60613
This rule is triggered when a malicious actor uses methods and directories associated with exploitation of CVE20190841, CVE20191064, CVE20191129 and / or CVE20191130.