Home/Network IDS rules
IDS / IPS

Network IDS rules

52,377 rules · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 52,377
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHPNuke general SQL injection attempt
sid 2001202 format suricata
et-open attempted-recon
ET SCAN Potential SSH Scan
sid 2001219 format suricata
et-open pup-activity
ET ADWARE_PUP Regnow.com Access
sid 2001223 format suricata
et-open not-suspicious
ET POLICY Cisco Device in Config Mode
sid 2001239 format suricata
et-open not-suspicious
ET POLICY Cisco Device New Config Built
sid 2001240 format suricata
et-open policy-violation
ET CHAT Yahoo IM voicechat
sid 2001254 format suricata
et-open policy-violation
ET CHAT Yahoo IM file transfer request
sid 2001259 format suricata
et-open successful-admin
ET POLICY Dameware Remote Control Service Install
sid 2001294 format suricata
et-open policy-violation
ET P2P eDonkey Server Status Request
sid 2001298 format suricata
et-open pup-activity
ET ADWARE_PUP Gator/Clarian Agent
sid 2001306 format suricata
et-open pup-activity
ET ADWARE_PUP Webhancer Data Upload
sid 2001317 format suricata
et-open pup-activity
ET ADWARE_PUP Websearch.com Spyware
sid 2001325 format suricata
et-open misc-activity
ET INFO RDP - Response To External Host
sid 2001330 format suricata
et-open pup-activity
ET ADWARE_PUP Ezula Install .exe
sid 2001334 format suricata
et-open pup-activity
ET ADWARE_PUP BInet Information Upload
sid 2001339 format suricata
et-open pup-activity
ET ADWARE_PUP ISearchTech.com XXXPornToolbar Activity (2)
sid 2001395 format suricata
et-open pup-activity
ET ADWARE_PUP E2give Related Downloading Code
sid 2001418 format suricata
et-open policy-violation
ET CHAT Yahoo IM Unavailable Status
sid 2001427 format suricata
et-open pup-activity
ET ADWARE_PUP MediaTickets Download
sid 2001448 format suricata
et-open pup-activity
ET ADWARE_PUP Xpire.info Spyware Install Reporting
sid 2001472 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmeup Spyware Install (prog)
sid 2001474 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmeup Spyware Receiving Commands
sid 2001475 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmeup Spyware Install (systime)
sid 2001480 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmeup Spyware Install (mstask)
sid 2001483 format suricata
et-open pup-activity
ET ADWARE_PUP Tibsystems Spyware Download
sid 2001488 format suricata
et-open pup-activity
ET ADWARE_PUP ISearchTech.com XXXPornToolbar Activity (IST)
sid 2001493 format suricata
et-open pup-activity
ET ADWARE_PUP Clickspring.net Spyware Reporting Successful Install
sid 2001494 format suricata
et-open pup-activity
ET ADWARE_PUP Outerinfo.com Spyware Advertising Campaign Download
sid 2001496 format suricata
et-open pup-activity
ET ADWARE_PUP Outerinfo.com Spyware Activity
sid 2001497 format suricata
et-open pup-activity
ET ADWARE_PUP Internet Optimizer Activity User-Agent (IOKernel)
sid 2001498 format suricata
et-open pup-activity
ET ADWARE_PUP Look2me Spyware Activity (1)
sid 2001499 format suricata
et-open pup-activity
ET ADWARE_PUP Clickspring.net Spyware Reporting
sid 2001500 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmiracle.com Spyware Installer silent.exe Download
sid 2001533 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmiracle.com Spyware Install (silent_install)
sid 2001534 format suricata
et-open pup-activity
ET ADWARE_PUP Searchmiracle.com Spyware Install (protector.exe)
sid 2001535 format suricata
et-open misc-activity
ET EXPLOIT NTDump Session Established Reg-Entry port 445
sid 2001543 format suricata
et-open misc-activity
ET EXPLOIT NTDump.exe Service Started port 445
sid 2001544 format suricata
et-open policy-violation
ET ADWARE_PUP Suspected PUP/PUA User-Agent (OSSProxy)
sid 2001562 format suricata
et-open policy-violation
ET ADWARE_PUP PUP/PUA OSSProxy HTTP Header
sid 2001564 format suricata
et-open pup-activity
ET ADWARE_PUP BInet Information Install Report
sid 2001576 format suricata
et-open misc-activity
ET SCAN Behavioral Unusual Port 137 traffic Potential Scan or Infection
sid 2001580 format suricata
et-open misc-activity
ET SCAN Behavioral Unusual Port 135 traffic Potential Scan or Infection
sid 2001581 format suricata
et-open misc-activity
ET SCAN Behavioral Unusual Port 1434 traffic Potential Scan or Infection
sid 2001582 format suricata
et-open misc-activity
ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection
sid 2001583 format suricata
et-open policy-violation
ET CHAT Skype VOIP Checking Version (Startup)
sid 2001595 format suricata
et-open policy-violation
ET POLICY Netop Remote Control Usage
sid 2001597 format suricata
et-open trojan-activity
ET ATTACK_RESPONSE Zone-H.org defacement notification
sid 2001616 format suricata
et-open web-application-attack
ET ACTIVEX winhlp32 ActiveX control attack - phase 1
sid 2001622 format suricata
et-open web-application-attack
ET ACTIVEX winhlp32 ActiveX control attack - phase 2
sid 2001623 format suricata
et-open web-application-attack
ET ACTIVEX winhlp32 ActiveX control attack - phase 3
sid 2001624 format suricata
Showing 51-100 of 52,377
Prev 2 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin