[Snort-users] Creating Your Own Snort Rule?

Jeremy Golden goldenjc97 at ...11827...
Tue Mar 12 12:28:19 EDT 2013

Does anyone have a good rule they've created on their own? I need to make my own rule, but I want it to be simple, yet effective.

For example, maybe a rule that alerts when an .exe file is being downloaded. Nothing too intense, but simple to understand.

Any examples would be great.


More information about the Snort-users mailing list