snort-sample-rules-2.9.8.3-1.fc25.noarch.rpm


Description

snort-sample-rules - Sample rules for snort

Distribution: Fedora 25
Repository: CERT Forensics Tools x86_64
Package name: snort-sample-rules
Package version: 2.9.8.3
Package release: 1.fc25
Package architecture: noarch
Package type: rpm
Installed size: 128 B
Download size: 24.00 KB
Official Mirror: forensics.cert.org
This is a set of sample rules for snort so that snort starts up without error.

Provides

  • snort-sample-rules = 2.9.8.3-1.fc25

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install snort-sample-rules rpm package:
      # dnf --enablerepo=forensics install snort-sample-rules

    Files

    • /etc/snort/rules/app-detect.rules
    • /etc/snort/rules/attack-responses.rules
    • /etc/snort/rules/backdoor.rules
    • /etc/snort/rules/bad-traffic.rules
    • /etc/snort/rules/black_list.rules
    • /etc/snort/rules/blacklist.rules
    • /etc/snort/rules/botnet-cnc.rules
    • /etc/snort/rules/browser-chrome.rules
    • /etc/snort/rules/browser-firefox.rules
    • /etc/snort/rules/browser-ie.rules
    • /etc/snort/rules/browser-other.rules
    • /etc/snort/rules/browser-plugins.rules
    • /etc/snort/rules/browser-webkit.rules
    • /etc/snort/rules/chat.rules
    • /etc/snort/rules/content-replace.rules
    • /etc/snort/rules/ddos.rules
    • /etc/snort/rules/dns.rules
    • /etc/snort/rules/dos.rules
    • /etc/snort/rules/experimental.rules
    • /etc/snort/rules/exploit-kit.rules
    • /etc/snort/rules/exploit.rules
    • /etc/snort/rules/file-executable.rules
    • /etc/snort/rules/file-flash.rules
    • /etc/snort/rules/file-identify.rules
    • /etc/snort/rules/file-image.rules
    • /etc/snort/rules/file-multimedia.rules
    • /etc/snort/rules/file-office.rules
    • /etc/snort/rules/file-other.rules
    • /etc/snort/rules/file-pdf.rules
    • /etc/snort/rules/finger.rules
    • /etc/snort/rules/ftp.rules
    • /etc/snort/rules/icmp-info.rules
    • /etc/snort/rules/icmp.rules
    • /etc/snort/rules/imap.rules
    • /etc/snort/rules/indicator-compromise.rules
    • /etc/snort/rules/indicator-obfuscation.rules
    • /etc/snort/rules/indicator-shellcode.rules
    • /etc/snort/rules/info.rules
    • /etc/snort/rules/local.rules
    • /etc/snort/rules/malware-backdoor.rules
    • /etc/snort/rules/malware-cnc.rules
    • /etc/snort/rules/malware-other.rules
    • /etc/snort/rules/malware-tools.rules
    • /etc/snort/rules/misc.rules
    • /etc/snort/rules/multimedia.rules
    • /etc/snort/rules/mysql.rules
    • /etc/snort/rules/netbios.rules
    • /etc/snort/rules/nntp.rules
    • /etc/snort/rules/oracle.rules
    • /etc/snort/rules/os-linux.rules
    • /etc/snort/rules/os-other.rules
    • /etc/snort/rules/os-solaris.rules
    • /etc/snort/rules/os-windows.rules
    • /etc/snort/rules/other-ids.rules
    • /etc/snort/rules/p2p.rules
    • /etc/snort/rules/phishing-spam.rules
    • /etc/snort/rules/policy-multimedia.rules
    • /etc/snort/rules/policy-other.rules
    • /etc/snort/rules/policy-social.rules
    • /etc/snort/rules/policy-spam.rules
    • /etc/snort/rules/policy.rules
    • /etc/snort/rules/pop2.rules
    • /etc/snort/rules/pop3.rules
    • /etc/snort/rules/protocol-finger.rules
    • /etc/snort/rules/protocol-ftp.rules
    • /etc/snort/rules/protocol-icmp.rules
    • /etc/snort/rules/protocol-imap.rules
    • /etc/snort/rules/protocol-pop.rules
    • /etc/snort/rules/protocol-services.rules
    • /etc/snort/rules/protocol-voip.rules
    • /etc/snort/rules/pua-adware.rules
    • /etc/snort/rules/pua-other.rules
    • /etc/snort/rules/pua-p2p.rules
    • /etc/snort/rules/pua-toolbars.rules
    • /etc/snort/rules/rpc.rules
    • /etc/snort/rules/rservices.rules
    • /etc/snort/rules/scada.rules
    • /etc/snort/rules/scan.rules
    • /etc/snort/rules/server-apache.rules
    • /etc/snort/rules/server-iis.rules
    • /etc/snort/rules/server-mail.rules
    • /etc/snort/rules/server-mssql.rules
    • /etc/snort/rules/server-mysql.rules
    • /etc/snort/rules/server-oracle.rules
    • /etc/snort/rules/server-other.rules
    • /etc/snort/rules/server-webapp.rules
    • /etc/snort/rules/shellcode.rules
    • /etc/snort/rules/smtp.rules
    • /etc/snort/rules/snmp.rules
    • /etc/snort/rules/specific-threats.rules
    • /etc/snort/rules/spyware-put.rules
    • /etc/snort/rules/sql.rules
    • /etc/snort/rules/telnet.rules
    • /etc/snort/rules/tftp.rules
    • /etc/snort/rules/virus.rules
    • /etc/snort/rules/voip.rules
    • /etc/snort/rules/web-activex.rules
    • /etc/snort/rules/web-attacks.rules
    • /etc/snort/rules/web-cgi.rules
    • /etc/snort/rules/web-client.rules
    • /etc/snort/rules/web-coldfusion.rules
    • /etc/snort/rules/web-frontpage.rules
    • /etc/snort/rules/web-iis.rules
    • /etc/snort/rules/web-misc.rules
    • /etc/snort/rules/web-php.rules
    • /etc/snort/rules/white_list.rules
    • /etc/snort/rules/x11.rules

    Changelog

    2016-07-04 - Lawrence R. Rogers <lrr@cert.org> 2.9.8.3-1 * Release 2.9.8.3-1 Version update and created all rules in the current version of snort.conf.

    2015-12-01 - Lawrence R. Rogers <lrr@cert.org> 2.9.8.0-1 * Release 2.9.8.0-1 Version update and created all rules in the current version of snort.conf.

    2015-10-02 - Lawrence R. Rogers <lrr@cert.org> 2.9.7.6-1 * Release 2.9.7.6-1 Just an update to stay in sync with snort version.

    2015-08-03 - Lawrence R. Rogers <lrr@cert.org> 2.9.7.5-1 * Release 2.9.7.5-1 Just an update to stay in sync with snort version.

    2015-06-29 - Lawrence R. Rogers <lrr@cert.org> 2.9.7.3-1 * Release 2.9.7.3-1 Just an update to stay in sync with snort version.

    2014-12-24 - Lawrence R. Rogers <lrr@cert.org> 2.9.7.2-1 * Release 2.9.7.2-1 Just an update to stay in sync with snort version.

    2014-10-24 - Lawrence R. Rogers <lrr@cert.org> 2.9.7.0-1 * Release 2.9.7.0-1 Just an update to stay in sync with snort version.

    2014-07-21 - Lawrence R. Rogers <lrr@cert.org> 2.9.6.2-1 * Release 2.9.6.2-1 Just an update to stay in sync with snort version.

    2014-05-13 - Lawrence R. Rogers <lrr@cert.org> 2.9.6.1-1 * Release 2.9.6.1-1 Just an update to stay in sync with snort version.

    2014-01-31 - Lawrence R. Rogers <lrr@cert.org> 2.9.6.0-1 * Release 2.9.6.0-1 Just an update to stay in sync with snort version.
