Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1:62794
This rule looks a WDDX packet that loads specific Java classes to achieve an arbitrary file write.
1:62793
This rule looks a WDDX packet that loads specific Java classes to achieve an arbitrary file write.
1:62027
This rule looks for malicious base64-encoded deserialization remote code execution attempts sent to SharePoint Server.
1:62026
This rule looks for malicious base64-encoded deserialization remote code execution attempts sent to SharePoint Server.
1:62009
This rule looks for command injection metacharacters sent to the LB-Link BL Routers in the request parameters.
1:51101
This event is generated when a file containing a LibreOffice macro remote code execution attempt is detected. Impact: Attempted User Privilege Gain Details: Ease of Attack: