Home/Network IDS rules
IDS / IPS

Network IDS rules

52,377 rules · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 52,377
et-open policy-violation
ET P2P Gnutella Connect
sid 2001664 format suricata
et-open misc-attack
ET EXPLOIT Exploit MS05-002 Malformed .ANI stack overflow attack
sid 2001668 format suricata
et-open pup-activity
ET ADWARE_PUP Webhancer Data Post
sid 2001677 format suricata
et-open pup-activity
ET ADWARE_PUP YourSiteBar User-Agent (istsvc)
sid 2001699 format suricata
et-open pup-activity
ET ADWARE_PUP Shop at Home Select Spyware User-Agent (Bundle)
sid 2001702 format suricata
et-open pup-activity
ET ADWARE_PUP Context Plus Spyware User-Agent (Apropos)
sid 2001703 format suricata
et-open pup-activity
ET ADWARE_PUP Context Plus Spyware Install
sid 2001704 format suricata
et-open pup-activity
ET ADWARE_PUP Context Plus Spyware User-Agent (Envolo)
sid 2001706 format suricata
et-open pup-activity
ET ADWARE_PUP Shop at Home Select Spyware User-Agent (SAH)
sid 2001707 format suricata
et-open pup-activity
ET ADWARE_PUP SurfSidekick Activity
sid 2001731 format suricata
et-open pup-activity
ET ADWARE_PUP UCMore Spyware User-Agent (UCmore)
sid 2001736 format suricata
et-open pup-activity
ET ADWARE_PUP Enhance My Search Spyware User-Agent (HelperH)
sid 2001746 format suricata
et-open suspicious-login
ET EXPLOIT Pwdump4 Session Established GetHash port 139
sid 2001753 format suricata
et-open suspicious-login
ET EXPLOIT Pwdump4 Session Established GetHash port 445
sid 2001754 format suricata
et-open pup-activity
ET ADWARE_PUP ABX Toolbar ActiveX Install
sid 2001761 format suricata
et-open web-application-activity
ET WEB_SERVER MSSQL Server OLEDB asp error
sid 2001768 format suricata
et-open pup-activity
ET ADWARE_PUP Media Pass ActiveX Install
sid 2001783 format suricata
et-open policy-violation
ET P2P Kazaa over UDP
sid 2001796 format suricata
et-open policy-violation
ET CHAT ICQ Status Invisible
sid 2001801 format suricata
et-open policy-violation
ET CHAT ICQ Status Change (1)
sid 2001802 format suricata
et-open policy-violation
ET CHAT ICQ Status Change (2)
sid 2001803 format suricata
et-open policy-violation
ET CHAT ICQ Login
sid 2001804 format suricata
et-open policy-violation
ET CHAT ICQ Message
sid 2001805 format suricata
et-open policy-violation
ET P2P Limewire P2P UDP Traffic
sid 2001809 format suricata
et-open misc-activity
ET WEB_CLIENT Encoded javascriptdocument.write - usually hostile
sid 2001811 format suricata
et-open pup-activity
ET ADWARE_PUP Easy Search Bar Spyware User-Agent (ESB)
sid 2001853 format suricata
et-open pup-activity
ET ADWARE_PUP EZULA Spyware User Agent
sid 2001854 format suricata
et-open pup-activity
ET ADWARE_PUP Fun Web Products Spyware User-Agent (FunWebProducts)
sid 2001855 format suricata
et-open pup-activity
ET ADWARE_PUP Hotbar Spyware User-Agent (Hotbar)
sid 2001858 format suricata
et-open pup-activity
ET ADWARE_PUP Fun Web Products Spyware User-Agent (MyWay)
sid 2001864 format suricata
et-open pup-activity
ET ADWARE_PUP MyWebSearch Spyware User-Agent (MyWebSearch)
sid 2001865 format suricata
et-open pup-activity
ET ADWARE_PUP Spyware User-Agent (sureseeker)
sid 2001868 format suricata
et-open pup-activity
ET ADWARE_PUP Spyware User-Agent (Sidesearch)
sid 2001869 format suricata
et-open pup-activity
ET ADWARE_PUP Target Saver Spyware User-Agent (TSA)
sid 2001871 format suricata
et-open pup-activity
ET ADWARE_PUP Visicom Spyware User-Agent (Visicom)
sid 2001872 format suricata
et-open pup-activity
ET ADWARE_PUP ToolbarPartner Spyware Agent Download (1)
sid 2001890 format suricata
et-open trojan-activity
ET USER_AGENTS Suspicious User Agent (agent)
sid 2001891 format suricata
et-open protocol-command-decode
ET SCAN MYSQL 4.0 brute force root login attempt
sid 2001906 format suricata
et-open network-scan
ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound)
sid 2001972 format suricata
et-open pup-activity
ET ADWARE_PUP SurfSidekick Download
sid 2001992 format suricata
et-open pup-activity
ET ADWARE_PUP UCMore Spyware Reporting
sid 2001995 format suricata
et-open pup-activity
ET ADWARE_PUP UCMore Spyware User-Agent (EI)
sid 2001996 format suricata
et-open pup-activity
ET ADWARE_PUP 180solutions Spyware Keywords Download
sid 2002001 format suricata
et-open pup-activity
ET ADWARE_PUP Better Internet Spyware User-Agent (poller)
sid 2002005 format suricata
et-open pup-activity
ET ADWARE_PUP Grandstreet Interactive Spyware User-Agent (IEP)
sid 2002021 format suricata
et-open misc-activity
ET CHAT IRC USER command
sid 2002023 format suricata
et-open misc-activity
ET CHAT IRC NICK command
sid 2002024 format suricata
et-open misc-activity
ET CHAT IRC JOIN command
sid 2002025 format suricata
et-open misc-activity
ET CHAT IRC PRIVMSG command
sid 2002026 format suricata
et-open misc-activity
ET CHAT IRC PING command
sid 2002027 format suricata
Showing 101-150 of 52,377
Prev 3 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin