Home/Network IDS rules
IDS / IPS

Network IDS rules

4,992 rules · linked to T1568 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 4,992
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-*.com domain
sid 2013096 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns.* domain
sid 2013097 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.3322.org
sid 2013213 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.8866.org
sid 2013220 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a Suspicious no-ip Domain
sid 2013743 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a no-ip Domain
sid 2013744 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a Suspicious *.myftp.biz Domain
sid 2013823 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.myftp .biz Domain
sid 2013824 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a Suspicious *.ez-dns.com Domain
sid 2013845 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.ez-dns.com Domain
sid 2013846 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a Suspicious *.dyndns-web.com Domain
sid 2013863 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-web.com Domain
sid 2013864 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.3d-game.com Domain
sid 2014478 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.3d-game.com Domain
sid 2014479 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.4irc.com Domain
sid 2014480 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.4irc.com Domain
sid 2014481 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.b0ne.com Domain
sid 2014482 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.b0ne.com Domain
sid 2014483 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.bbsindex.com Domain
sid 2014484 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.bbsindex.com Domain
sid 2014485 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.chatnook.com Domain
sid 2014486 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.chatnook.com Domain
sid 2014487 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.darktech.org Domain
sid 2014488 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.darktech.org Domain
sid 2014489 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.deaftone.com Domain
sid 2014490 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.deaftone.com Domain
sid 2014491 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.dtdns.net Domain
sid 2014492 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.dtdns.net Domain
sid 2014493 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.effers.com Domain
sid 2014494 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.effers.com Domain
sid 2014495 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.etowns.net Domain
sid 2014496 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.etowns.net Domain
sid 2014497 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.etowns.org Domain
sid 2014498 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.etowns.org Domain
sid 2014499 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.flnet.org Domain
sid 2014501 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.gotgeeks.com Domain
sid 2014502 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.gotgeeks.com Domain
sid 2014503 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.scieron.com Domain
sid 2014504 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.scieron.com Domain
sid 2014505 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
sid 2014506 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
sid 2014507 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS Query to a *.suroot.com Domain
sid 2014510 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a *.suroot.com Domain
sid 2014511 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.2288.org
sid 2014787 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.3322.net
sid 2014788 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.6600.org
sid 2014789 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.7766.org
sid 2014790 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.8800.org
sid 2014791 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a 3322.net Domain *.9966.org
sid 2014792 format suricata
et-open bad-unknown
ET INFO DYNAMIC_DNS HTTP Request to a dns-stuff.com Domain *.dns-stuff.com
sid 2014867 format suricata
Showing 1-50 of 4,992
Prev 1 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin