Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-56966
This rule triggers if an HTTP request is detected being sent to a cnc server from a Win.Trojan.IceId variant.
1-56965
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Malware.Kovter-9822841-0 is detected
1-56964
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Malware.Kovter-9822841-0 is detected
1-56952
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Packed.Medfos-9822521-0 is detected
1-56951
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Packed.Medfos-9822521-0 is detected
1-56949
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Malware.Stantinko-9822477-0 is detected