Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1:66807
This rule looks for specially crafted SMB traffic intended to exploit an elevation of privilege vulnerability in Windows SMB.
1:66806
This rule looks for bytes known to be specific to files that are intended to exploit an elevation of privilege vulnerability in the Microsoft Windows operating system.
1:66805
This rule looks for bytes known to be specific to files that are intended to exploit an elevation of privilege vulnerability in the Microsoft Windows operating system.
1:66804
This rule looks for bytes known to be specific to files that are intended to exploit an elevation of privilege vulnerability in the Microsoft Windows operating system.
1:66803
This rule looks for bytes known to be specific to files that are intended to exploit an elevation of privilege vulnerability in the Microsoft Windows operating system.
1:66802
This rule looks for HTTP requests being sent to the Windows Admin Center that could indicate potential attempts to exploit a vulnerability that allows for arbitrary command execution.