Talos has added and modified multiple rules in the blacklist, browser-firefox, browser-plugins, exploit-kit, file-flash, file-image, file-multimedia, file-office, file-other, indicator-obfuscation, malware-cnc, pua-adware and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2962.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:34130 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant outbound connection (malware-cnc.rules) * 1:34129 <-> ENABLED <-> BLACKLIST DNS request for known malware domain jamel100pirar.com.br - Win.Trojan.Banload (blacklist.rules) * 1:34128 <-> ENABLED <-> MALWARE-CNC Win.Trojan.WIntruder outbound connection attempt (malware-cnc.rules) * 1:34127 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules) * 1:34123 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34124 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34125 <-> DISABLED <-> PUA-ADWARE User-Agent Vitruvian (pua-adware.rules) * 1:34121 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting binary installation stage status (pua-adware.rules) * 1:34119 <-> DISABLED <-> PUA-ADWARE InstallMetrix precheck stage outbound connection (pua-adware.rules) * 1:34118 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious javascript packer detected (indicator-obfuscation.rules) * 1:34122 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting fetch offers stage status (pua-adware.rules) * 1:34126 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34107 <-> ENABLED <-> BLACKLIST DNS request for known malware domain ahoforaje.ru - Win.Trojan.Scarsi (blacklist.rules) * 1:34108 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scarsi variant outbound connection (malware-cnc.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34111 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chrozil variant outbound connection (malware-cnc.rules) * 1:34112 <-> DISABLED <-> SERVER-OTHER NTP mode 6 REQ_NONCE denial of service attempt (server-other.rules) * 1:34113 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent beacon reply attempt (malware-cnc.rules) * 1:34114 <-> DISABLED <-> SERVER-OTHER NTP mode 6 UNSETTRAP denial of service attempt (server-other.rules) * 1:34115 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34116 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34117 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Zupdax variant outbound connection attempt (malware-cnc.rules) * 1:34131 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules) * 1:34132 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Erotimpact variant outbound connection attempt (malware-cnc.rules) * 1:34133 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34134 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34120 <-> DISABLED <-> PUA-ADWARE InstallMetrix fetch offers stage outbound connection (pua-adware.rules) * 1:34136 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant MSSQL response (malware-cnc.rules)
* 1:31332 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound URL structure (exploit-kit.rules) * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom titl field attempt (file-multimedia.rules) * 1:28509 <-> DISABLED <-> FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (file-other.rules) * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:32817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules) * 1:32818 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:33100 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33101 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33103 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33102 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33166 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33167 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33168 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33169 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:18685 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2970.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:34124 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34125 <-> DISABLED <-> PUA-ADWARE User-Agent Vitruvian (pua-adware.rules) * 1:34119 <-> DISABLED <-> PUA-ADWARE InstallMetrix precheck stage outbound connection (pua-adware.rules) * 1:34121 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting binary installation stage status (pua-adware.rules) * 1:34118 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious javascript packer detected (indicator-obfuscation.rules) * 1:34122 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting fetch offers stage status (pua-adware.rules) * 1:34123 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34126 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34127 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34107 <-> ENABLED <-> BLACKLIST DNS request for known malware domain ahoforaje.ru - Win.Trojan.Scarsi (blacklist.rules) * 1:34128 <-> ENABLED <-> MALWARE-CNC Win.Trojan.WIntruder outbound connection attempt (malware-cnc.rules) * 1:34108 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scarsi variant outbound connection (malware-cnc.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34129 <-> ENABLED <-> BLACKLIST DNS request for known malware domain jamel100pirar.com.br - Win.Trojan.Banload (blacklist.rules) * 1:34111 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chrozil variant outbound connection (malware-cnc.rules) * 1:34112 <-> DISABLED <-> SERVER-OTHER NTP mode 6 REQ_NONCE denial of service attempt (server-other.rules) * 1:34113 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent beacon reply attempt (malware-cnc.rules) * 1:34114 <-> DISABLED <-> SERVER-OTHER NTP mode 6 UNSETTRAP denial of service attempt (server-other.rules) * 1:34130 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant outbound connection (malware-cnc.rules) * 1:34115 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34116 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34117 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Zupdax variant outbound connection attempt (malware-cnc.rules) * 1:34131 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules) * 1:34132 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Erotimpact variant outbound connection attempt (malware-cnc.rules) * 1:34133 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34134 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34120 <-> DISABLED <-> PUA-ADWARE InstallMetrix fetch offers stage outbound connection (pua-adware.rules) * 1:34136 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant MSSQL response (malware-cnc.rules) * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
* 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:18685 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules) * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom titl field attempt (file-multimedia.rules) * 1:28509 <-> DISABLED <-> FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (file-other.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:31332 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound URL structure (exploit-kit.rules) * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:32817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules) * 1:32818 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:33100 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33101 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33103 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33102 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33166 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33167 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33168 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33169 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2972.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:34136 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant MSSQL response (malware-cnc.rules) * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules) * 1:34134 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34133 <-> ENABLED <-> FILE-IMAGE Adobe Flash Player element array stack overflow attempt (file-image.rules) * 1:34132 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Erotimpact variant outbound connection attempt (malware-cnc.rules) * 1:34131 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules) * 1:34130 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant outbound connection (malware-cnc.rules) * 1:34129 <-> ENABLED <-> BLACKLIST DNS request for known malware domain jamel100pirar.com.br - Win.Trojan.Banload (blacklist.rules) * 1:34128 <-> ENABLED <-> MALWARE-CNC Win.Trojan.WIntruder outbound connection attempt (malware-cnc.rules) * 1:34127 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34126 <-> DISABLED <-> PUA-ADWARE Vitruvian outbound connection (pua-adware.rules) * 1:34125 <-> DISABLED <-> PUA-ADWARE User-Agent Vitruvian (pua-adware.rules) * 1:34124 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34123 <-> ENABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34122 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting fetch offers stage status (pua-adware.rules) * 1:34121 <-> DISABLED <-> PUA-ADWARE InstallMetrix reporting binary installation stage status (pua-adware.rules) * 1:34120 <-> DISABLED <-> PUA-ADWARE InstallMetrix fetch offers stage outbound connection (pua-adware.rules) * 1:34119 <-> DISABLED <-> PUA-ADWARE InstallMetrix precheck stage outbound connection (pua-adware.rules) * 1:34118 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious javascript packer detected (indicator-obfuscation.rules) * 1:34117 <-> ENABLED <-> MALWARE-CNC Win.Backdoor.Zupdax variant outbound connection attempt (malware-cnc.rules) * 1:34116 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34115 <-> ENABLED <-> MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection attempt (malware-cnc.rules) * 1:34114 <-> DISABLED <-> SERVER-OTHER NTP mode 6 UNSETTRAP denial of service attempt (server-other.rules) * 1:34113 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent beacon reply attempt (malware-cnc.rules) * 1:34112 <-> DISABLED <-> SERVER-OTHER NTP mode 6 REQ_NONCE denial of service attempt (server-other.rules) * 1:34111 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Chrozil variant outbound connection (malware-cnc.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34108 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scarsi variant outbound connection (malware-cnc.rules) * 1:34107 <-> ENABLED <-> BLACKLIST DNS request for known malware domain ahoforaje.ru - Win.Trojan.Scarsi (blacklist.rules) * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules) * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
* 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:18685 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules) * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom titl field attempt (file-multimedia.rules) * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules) * 1:28509 <-> DISABLED <-> FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (file-other.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:31332 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound URL structure (exploit-kit.rules) * 1:31407 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31408 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31409 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31410 <-> ENABLED <-> BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (browser-plugins.rules) * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules) * 1:32817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:32818 <-> DISABLED <-> FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (file-flash.rules) * 1:33100 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33101 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33102 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33103 <-> DISABLED <-> BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (browser-plugins.rules) * 1:33166 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33167 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33168 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules) * 1:33169 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Endpoint Manager Mobile Device Management remote code execution attempt (server-other.rules)
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
