Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-50504
This event is generated when there is a Ruby on Rails Active Storage deserialization remote code execution attempt.
1-50501
This event is generated when an Win.Malware.Coinminer variant forms an outbound connection with its CnC to provide the details of the victim computer.
1-50500
This event is generated when an Osx.Trojan.Agent is detected on the network making an outbound connection.
1-50499
This event is generated when an Osx.Trojan.Agent is detected on the network making an outbound connection.
1-50498
This event is generated when an Win.Trojan.Agent is detected on the network making an outbound connection.
1-50424
This event is generated when Buran ransomware makes an outbound connection to its C2 server.