[Snort-sigs] Current rules

Joel Esler jesler at ...435...
Wed Oct 31 12:03:36 EDT 2012


The official list:

app-detect.rules
attack-responses.rules
backdoor.rules
bad-traffic.rules
blacklist.rules
botnet-cnc.rules
browser-chrome.rules
browser-firefox.rules
browser-ie.rules
browser-other.rules
browser-plugins.rules
browser-webkit.rules
chat.rules
content-replace.rules
ddos.rules
deleted.rules
dns.rules
dos.rules
experimental.rules
exploit-kit.rules
exploit.rules
file-executable.rules
file-flash.rules
file-identify.rules
file-image.rules
file-multimedia.rules
file-office.rules
file-other.rules
file-pdf.rules
finger.rules
ftp.rules
icmp-info.rules
icmp.rules
imap.rules
indicator-compromise.rules
indicator-obfuscation.rules
indicator-shellcode.rules
info.rules
local.rules
malware-backdoor.rules
malware-cnc.rules
malware-other.rules
malware-tools.rules
misc.rules
multimedia.rules
mysql.rules
netbios.rules
nntp.rules
oracle.rules
os-linux.rules
os-other.rules
os-solaris.rules
os-windows.rules
other-ids.rules
p2p.rules
phishing-spam.rules
policy-multimedia.rules
policy-other.rules
policy.rules
policy-social.rules
policy-spam.rules
pop2.rules
pop3.rules
protocol-finger.rules
protocol-ftp.rules
protocol-icmp.rules
protocol-imap.rules
protocol-pop.rules
protocol-services.rules
protocol-voip.rules
pua-adware.rules
pua-other.rules
pua-p2p.rules
pua-toolbars.rules
rpc.rules
rservices.rules
scada.rules
scan.rules
server-apache.rules
server-iis.rules
server-mail.rules
server-mssql.rules
server-mysql.rules
server-oracle.rules
server-other.rules
server-webapp.rules
shellcode.rules
smtp.rules
snmp.rules
specific-threats.rules
spyware-put.rules
sql.rules
telnet.rules
tftp.rules
virus.rules
voip.rules
web-activex.rules
web-attacks.rules
web-cgi.rules
web-client.rules
web-coldfusion.rules
web-frontpage.rules
web-iis.rules
web-misc.rules
web-php.rules
x11.rules

However, some of those are now empty.

attack-responses.rules
backdoor.rules
bad-traffic.rules
botnet-cnc.rules
chat.rules
ddos.rules
finger.rules
ftp.rules
icmp.rules
imap.rules
info.rules
misc.rules
multimedia.rules
mysql.rules
oracle.rules
other-ids.rules
p2p.rules
phishing-spam.rules
policy.rules
pop2.rules
pop3.rules
rservices.rules
shellcode.rules
smtp.rules
virus.rules
voip.rules
web-activex.rules
web-attacks.rules
web-cgi.rules
web-coldfusion.rules
web-iis.rules
web-misc.rules
web-php.rules



On Wed, Oct 31, 2012 at 11:35 AM, James Lay <jlay at ...3266...>wrote:

> Team,
>
> As the recategorization takes place, I wanted to ask about the current
> list of rulesets that have rules in them.  So far this is what I have:
>
> app-detect.rules
> blacklist.rules
> botnet-cnc.rules
> browser-chrome.rules
> browser-firefox.rules
> browser-ie.rules
> browser-other.rules
> browser-plugins.rules
> browser-webkit.rules
> content-replace.rules
> deleted.rules
> dns.rules
> dos.rules
> exploit-kit.rules
> exploit.rules
> exploit.rules##
> file-executable.rules
> file-flash.rules
> file-identify.rules
> file-image.rules
> file-multimedia.rules
> file-office.rules
> file-other.rules
> file-pdf.rules
> icmp-info.rules
> indicator-compromise.rules
> indicator-obfuscation.rules
> indicator-shellcode.rules
> malware-backdoor.rules
> malware-cnc.rules
> malware-other.rules
> malware-tools.rules
> misc.rules
> netbios.rules
> nntp.rules
> os-linux.rules
> os-other.rules
> os-solaris.rules
> os-windows.rules
> policy-multimedia.rules
> policy-other.rules
> policy-social.rules
> policy-spam.rules
> protocol-finger.rules
> protocol-ftp.rules
> protocol-icmp.rules
> protocol-imap.rules
> protocol-pop.rules
> protocol-services.rules
> protocol-voip.rules
> pua-adware.rules
> pua-other.rules
> pua-p2p.rules
> pua-toolbars.rules
> rpc.rules
> scada.rules
> scan.rules
> server-apache.rules
> server-iis.rules
> server-mail.rules
> server-mssql.rules
> server-mysql.rules
> server-oracle.rules
> server-other.rules
> server-webapp.rules
> snmp.rules
> specific-threats.rules
> spyware-put.rules
> sql.rules
> telnet.rules
> tftp.rules
> web-client.rules
> web-frontpage.rules
> web-misc.rules
> x11.rules
>
> Does anyone know if this is the full list?  Am I missing anything?
> Thank you.
>
> James
>
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_sfd2d_oct
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> http://www.snort.org
>
>
> Please visit http://blog.snort.org for the latest news about Snort!
>



-- 
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20121031/afe3f578/attachment.html>


More information about the Snort-sigs mailing list