Search - snort rules

Search list

[Internet-Network] Community-Rules-CURRENT.tar

Description: A classic piece of code for Linux: the latest Snort rules, which must be loaded when using Snort.
Platform: | Size: 112052 | Author: 张明 | Hits:

[Linux-Unix] snotv6

Description: A program that sends arbitrary packets over IPv4 and IPv6, generating packets targeted at Snort rules.
Platform: | Size: 197632 | Author: chengjr | Hits:

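[Internet-Network] snortrules-pr-2.4.tar

Description: Snort intrusion detection rule files, version 2.4. Snort is a well-known network intrusion detection tool, a lightweight IDS with high efficiency and good extensibility.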
Platform: | Size: 789504 | Author: chen | Hits:

[Software Engineering] Snort

Description: Analyzes a function for calculating the average number of times a packet invokes the detection function to match rule nodes, and uses that function to optimize the Snort rule tree, reducing the number of packet-filter match operations and greatly improving intrusion detection efficiency.
Platform: | Size: 122880 | Author: TTstone | Hits:

[Internet-Network] Snort

Description: A good electronic document for learning about intrusion detection systems, explained in great detail.
Platform: | Size: 1033216 | Author: mixixiang | Hits:

[Firewall-Security] rules

Description: Snort rule files: more than 2,000 intrusion detection and prevention rules covering over a dozen classes of attack.
Platform: | Size: 77824 | Author: kasuo | Hits:

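[Internet-Network] CVE_intrusion

Description: This paper first systematically analyzes the composition of Snort rules and describes the meaning of each part in detail, which is of great help for developing new intrusion detection systems and building one's own attack rule base. To address the adaptability and autonomy the system requires, while dissecting Snort rules in detail it focuses on the implementation of the rule base of a CVE-based intrusion detection system, the implementation of the underlying sniffer, and the sniffing process. It gives particular attention to pattern matching on rule signature options and presents an improved detection method that combines protocol analysis with pattern matching; the experimental data show that this greatly improves efficiency and reduces the false positive rate. In addition, the CVE knowledge base on which the system is built tracks the latest international CVE developments and establishes a unified domestic CVE standard, providing a very rich knowledge base that effectively resolves the problem of inconsistent domestic vulnerability databases. - The author also describes the architecture and functions and the design and implementation of the software. Intrusion detection systems (IDS) are very important for network security. The author systematically analyzes the composition and semantics of Snort rules, which may be of great help for creating a signature database. The paper then studies flexibility and self-controllability in the CVE-based intrusion detection system, emphasizing not only the analysis of Snort rules but also the realization of intrusion detection based on CVE rules and the implementation of the sniffer. In particular, the paper covers intrusion signature matching methods, analyzes the weakness of using only pattern matching in intrusion analysis, and presents an improved approach that combines protocol analysis and pattern matching to detect attacks. It also gives an example showing how to use this approach. The experimental results show that the rules surely reduce the rate of misd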
Platform: | Size: 478208 | Author: 陈中 | Hits:

[Other] snortrules-snapshot-CURRENT

Description: A relatively new Snort rule base containing some of the most basic rules.
Platform: | Size: 476160 | Author: LY | Hits:

[Internet-Network] xiutanqi

Description: 1. Has sniffing capability. 2. Can filter packets. 3. Can analyze packets, and can even inspect and analyze system logs. 4. Detection rules can be configured, with Snort's rules as a reference. 5. Can alert, log, and even respond according to rules set by the user. 6. Can generate intrusion detection system logs recording all detected events.
Platform: | Size: 3720192 | Author: 江尘封 | Hits:

[Sniffer Package capture] jiancuoxitong

Description: 1. Has sniffing capability. 2. Can filter packets. 3. Can analyze packets, and can even inspect and analyze system logs. 4. Detection rules can be configured, with Snort's rules as a reference.
Platform: | Size: 3621888 | Author: 江尘封 | Hits:

[Other] Snort

Description: Snort has three operating modes: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads packets from the network and displays them on the terminal as a continuous stream. Packet logger mode records packets to disk. Network intrusion detection mode is the most complex, and it is configurable: Snort analyzes network traffic against user-defined rules and takes action based on the detection results.
Platform: | Size: 30720 | Author: chen | Hits:

[Internet-Network] rules20090505.tar

Description: The attachment is the rule base for the open-source intrusion detection system Snort. I have tested it and it works.
Platform: | Size: 669696 | Author: 张仲景 | Hits:

[Other] Snort2.1intrusiondetection

Description: In essence, Snort is a network packet sniffer. If Snort is run without loading any rules, it simply displays the packets on the network. Snort's real value, however, lies in processing packets through rules. Snort's flexible and powerful language can fully analyze every packet on the network and decide how to handle any particular packet. Snort can choose to ignore the packet, log it, or alert the administrator. Snort has many logging and alerting methods, for example syslog, writing to a file, writing to an XML file, and sending WinPopup messages. When a new attack technique appears, Snort can be updated simply by adding new rules.
Platform: | Size: 5405696 | Author: betty | Hits:

[Other] snortrules-snapshot-2900.tar

Description: This is the snapshot of Snort Rules.
Platform: | Size: 20065280 | Author: hai an | Hits:

[Internet-Network] snort-2.9.0.3.tar

Description: Snort has three operating modes: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads packets from the network and displays them on the terminal as a continuous stream. Packet logger mode records packets to disk. Network intrusion detection mode is the most complex, and it is configurable: Snort analyzes network traffic against user-defined rules and takes action based on the detection results.
Platform: | Size: 5728256 | Author: 林建光 | Hits:

[WEB Code] rules

Description: GUI for managing Snort rules with PHP.
Platform: | Size: 3072 | Author: mosazhien | Hits:

[Sniffer Package capture] snort-rules

Description: Snort rules: Snort filtering rules for Windows and Linux platforms that can capture and analyze packets.
Platform: | Size: 216064 | Author: whoz | Hits:

[Other] community-rules

Description: A collection of Snort rules that can be used to configure Snort options, providing intrusion detection alerting and defense and thereby improving system security.
Platform: | Size: 163840 | Author: Stefan1111 | Hits:

[Internet-Network] community-rules.tar

Description: Snort rule source files, including the latest Trojan rules, DNS rules, and IP blacklist rules.
Platform: | Size: 265216 | Author: lipeiting | Hits:

[Linux-Unix] community-rules.tar

Description: Package required for installing Snort: community-rules.tar.gz.
Platform: | Size: 330752 | Author: kid1998 | Hits:

CodeBus www.codebus.net