Home/Network IDS rules
IDS / IPS

Network IDS rules

7 rules · linked to T1590 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

7 shown of 7
et-open web-application-activity
ET WEB_SPECIFIC_APPS Ivanti Connect Secure Host Checker Recon (CVE-2025-0282)
sid 2059095 format suricata
et-open trojan-activity
ET HUNTING Suspicious User-Agent String Observed Inbound (Salesforce-CLI/1.0)
sid 2064295 format suricata
et-open misc-activity
ET INFO External IP Lookup Domain (get-my-ip .ddns .softether-network .net) in DNS Lookup
sid 2068194 format suricata
et-open misc-activity
ET INFO External IP Lookup Domain (get-my-ip-v6 .ddns .softether-network .net) in DNS Lookup
sid 2068195 format suricata
et-open misc-activity
ET INFO Observed External IP Lookup Domain (get-my-ip .ddns .softether-network .net in TLS SNI)
sid 2068196 format suricata
et-open misc-activity
ET INFO Observed External IP Lookup Domain (get-my-ip-v6 .ddns .softether-network .net in TLS SNI)
sid 2068197 format suricata
et-open misc-activity
ET HUNTING Detect iPhone or MacOS Device and Force Safari Usage
sid 2068402 format suricata
Showing 1-7 of 7
Prev 1 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin