Network IDS rules

57 rules · linked to T1082 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire.

Rules

7 shown of 57
sid 2065914 format suricata
et-open pup-activity
ET ADWARE_PUP Activity Monitoring/Keylogger Software Domain in DNS Lookup (refog .com)
sid 2068334 format suricata
et-open pup-activity
ET ADWARE_PUP Activity Monitoring/Keylogger Software Domain in DNS Lookup (mipko .ru)
sid 2068335 format suricata
et-open pup-activity
ET ADWARE_PUP Observed Activity Monitoring/Keylogger Domain (refog .com in TLS SNI)
sid 2068336 format suricata
et-open pup-activity
ET ADWARE_PUP Observed Activity Monitoring/Keylogger Domain (mipko .ru in TLS SNI)
sid 2068337 format suricata
et-open trojan-activity
ET MALWARE Atemu EDR Data Exfiltration Attempt
sid 2068891 format suricata
et-open trojan-activity
ET MALWARE Atemu Systeminfo Data Exfiltration Attempt
sid 2068892 format suricata
Showing 51-57 of 57
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin