IDS / IPS

Network IDS rules

127 rules · linked to T1614 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire.

Rules

50 shown of 127
et-open external-ip-check
ET POLICY External IP Lookup
sid 2014292 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Attempt To Wipmania
sid 2014304 format suricata
et-open external-ip-check
ET POLICY External IP Lookup / Tor Checker Domain (check.torproject .org in DNS lookup)
sid 2017926 format suricata
et-open external-ip-check
ET POLICY External IP Lookup
sid 2019126 format suricata
et-open external-ip-check
ET POLICY External IP Lookup maxmind.com
sid 2019140 format suricata
et-open external-ip-check
ET POLICY External IP Lookup ipinfo.io
sid 2020716 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - Bravica
sid 2020830 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - ip-whois
sid 2020831 format suricata
sid 2020886 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - ip2location.com
sid 2021162 format suricata
et-open external-ip-check
ET POLICY Possible External IP Lookup whoer.net
sid 2021195 format suricata
et-open external-ip-check
ET POLICY Possible External IP Lookup ip.webmasterhome.cn
sid 2021250 format suricata
et-open external-ip-check
ET POLICY Possible External IP Lookup www.whatsmyip.us
sid 2021371 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - checkip.dyndns.org
sid 2021378 format suricata
et-open external-ip-check
ET POLICY External IP Lookup sina.com.cn
sid 2021438 format suricata
et-open external-ip-check
ET POLICY Possible External IP Lookup myip.kz
sid 2021533 format suricata
et-open external-ip-check
ET POLICY External IP Lookup trackip.net
sid 2021550 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - www.ip.cn
sid 2021600 format suricata
et-open external-ip-check
ET POLICY External IP Lookup api.ipify.org
sid 2021997 format suricata
et-open external-ip-check
ET POLICY External IP Lookup ip-api.com
sid 2022082 format suricata
et-open external-ip-check
ET POLICY External IP Lookup ip2nation.com
sid 2022222 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - ipecho.net
sid 2022351 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - ip.tyk.nu
sid 2022368 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - meuip.net.br
sid 2022405 format suricata
et-open external-ip-check
ET POLICY External IP Lookup ip-score.com
sid 2022892 format suricata
sid 2023470 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Domain (myip .opendns .com in DNS lookup)
sid 2023472 format suricata
et-open external-ip-check
ET POLICY External IP Lookup (tinytools.nu)
sid 2023520 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)
sid 2024527 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Domain (curlmyip .net in DNS lookup)
sid 2025154 format suricata
et-open external-ip-check
ET POLICY External IP Lookup SSL Cert Observed (ipinfo .io)
sid 2025330 format suricata
et-open external-ip-check
ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)
sid 2025331 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Domain (up .jkc8 .com)
sid 2026216 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Domain (ifconfig .me)
sid 2026718 format suricata
et-open external-ip-check
ET HUNTING Observed Suspicious SSL Cert (External IP Lookup - ident .me)
sid 2026743 format suricata
et-open external-ip-check
ET POLICY Observed External IP Lookup SSL Cert
sid 2026882 format suricata
et-open external-ip-check
ET POLICY Known External IP Lookup Service Domain in SNI
sid 2026896 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - iplocation .truevue .org
sid 2027372 format suricata
et-open external-ip-check
ET POLICY Observed DNS Query to External IP Lookup Domain ( iplocation .truevue .org)
sid 2027373 format suricata
et-open external-ip-check
ET POLICY External IP Lookup Request
sid 2027430 format suricata
et-open external-ip-check
ET POLICY External IP Lookup (extreme-ip-lookup .com)
sid 2027765 format suricata
et-open external-ip-check
ET POLICY External IP Lookup (www .net .cn)
sid 2027786 format suricata
et-open external-ip-check
ET POLICY External IP Lookup getip.pw
sid 2027860 format suricata
et-open external-ip-check
ET POLICY External IP Lookup (api .ipaddress .com)
sid 2027905 format suricata
et-open external-ip-check
ET POLICY Observed External IP Lookup Domain (ipconfig .cf in TLS SNI)
sid 2027919 format suricata
et-open external-ip-check
ET POLICY External IP Lookup - free .ipwhois .io
sid 2029185 format suricata
et-open external-ip-check
ET POLICY External IP Lookup (whois .pconline .com .cn)
sid 2029243 format suricata
et-open policy-violation
ET POLICY External IP Lookup (avast .com)
sid 2029575 format suricata
et-open policy-violation
ET POLICY External IP Lookup (ipify .org)
sid 2029622 format suricata
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin