Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-57550
This rule looks for HTTP traffic that contains two Accept-Encoding header fields.
1-57549
This rule looks for HTTP traffic that contains two Accept-Encoding header fields.
1-57548
This rule detects an attempted remote code execution attack against vulnerable versions of Microsoft Sharepoint by looking for malicious data sent to the server.
1-57545
This rule detects the attempted download of a malicious file that exploits vulnerability in the Microsoft Windows Win32k kernel driver leading to privilege escalation by looking for specific data used in the malicious file.
1-57544
This rule detects the attempted download of a malicious file that exploits vulnerability in the Microsoft Windows Win32k kernel driver leading to privilege escalation by looking for specific data used in the malicious file.
1-57543
This rule alerts when an attacker attempts to exploit a memory corruption vulnerability in Microsoft Edge's Scripting Engine.