Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-53267
This rule alerts when an attempt to download an executable matching ClamAV signature Win.Dropper.NetWire-7594994-0 is detected
1-53264
This rule matches the static UUID and encrypted password structure used by Win.Trojan.DarkVision to authenticate at the beginning of each new TCP connection.
1-53263
This rule detects a file download for Win.Trojan.DarkVision by matching data within the executable.
1-53262
This rule detects a file download for Win.Trojan.DarkVision by matching data within the executable.
1-53261
This rule detects a file download for Win.Trojan.DarkVision by matching data within the executable.
1-53260
This rule detects a file download for Win.Trojan.DarkVision by matching data within the executable.