Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-654
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
124-4
This event is generated when SMTP_SPECIFIC_CMD_OVERFLOW is detected by Snort's preprocessor.
1-57782
This rule detects the communication of APT41 backdoor IPsecHelper with its CnC
1-57781
This rule detects the communication of APT41 backdoor IPsecHelper with its CnC
1-57780
This rule detects the communication of APT41 backdoor IPsecHelper with its CnC
1-57773
This rule detects outbound requests to a Bazaloader CNC that may be used to exfiltrate data from an already compromised machine. Networks that that see hosts issue this request may be infected with Bazaloader malware.