IDS / IPS
Network IDS rules
3,578 rules · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. A rule name links to its upstream reference where the ruleset publishes one; rules without a public reference show as plain text.
◈
Rules
50 shown of 3,578
et-open
command-and-control
ET MALWARE Tibs Checkin
et-open
command-and-control
ET MALWARE W32.Downloader Tibs.jy Reporting to C&C (2)
et-open
command-and-control
ET MALWARE Downloader.VB.TX/Backdoor.Win32.DSSdoor!IK Checkin
et-open
command-and-control
ET MALWARE Dialer-715 Install Checkin
et-open
command-and-control
ET MALWARE Bot Backdoor Checkin/registration Request
et-open
command-and-control
ET MALWARE General Downloader Checkin URL (GUID+)
et-open
command-and-control
ET MALWARE Hupigon URL Infection Checkin Detected
et-open
command-and-control
ET MALWARE Lop.gfr/Swizzor HTTP Update/Checkin
et-open
command-and-control
ET MALWARE Densmail.com Related Trojan Checkin
et-open
command-and-control
ET MALWARE Illusion Bot (Lussilon) Checkin
et-open
command-and-control
ET MALWARE Downloader General Bot Checking In via HTTP Post (bot_id push)
et-open
command-and-control
ET MALWARE Theoreon.com Related Trojan Checkin
et-open
command-and-control
ET MALWARE Downloader General Bot Checking In - Possible Win32.Small.htz related
et-open
command-and-control
ET MALWARE Bzub2 Related RPC/Http Checkin
et-open
command-and-control
ET MALWARE LDPinch Checkin (3)
et-open
command-and-control
ET MALWARE Banload HTTP Checkin
et-open
command-and-control
ET MALWARE Dialer.MC(vf) HTTP Request - Checkin
et-open
command-and-control
ET MALWARE Backdoor.Win32.VB.brg C&C Checkin
et-open
command-and-control
ET MALWARE Banker Trojan (General) HTTP Checkin (vit)
et-open
command-and-control
ET MALWARE Win32.Agent.cyt (Or variant) HTTP POST Checkin
et-open
command-and-control
ET MALWARE Turkojan C&C Initial Checkin (ams)
et-open
command-and-control
ET MALWARE Turkojan C&C Info Command (MINFO)
et-open
command-and-control
ET MALWARE Turkojan C&C Info Command Response (MINFO)
et-open
command-and-control
ET MALWARE Turkojan C&C Logs Parse Command (LOGS1)
et-open
command-and-control
ET MALWARE Turkojan C&C Keepalive (BAGLANTI)
et-open
command-and-control
ET MALWARE Turkojan C&C Browse Drive Command (BROWSC)
et-open
command-and-control
ET MALWARE Turkojan C&C nxt Command (nxt)
et-open
command-and-control
ET MALWARE Delf Checkin via HTTP (5)
et-open
command-and-control
ET MALWARE Yahoo550.com Related Downloader/Trojan Checkin
et-open
command-and-control
ET MALWARE Daemonize.ft HTTP Checkin
et-open
command-and-control
ET MALWARE Win32/FakeXPA Checkin URL
et-open
command-and-control
ET MALWARE Win32 Cloaker Related Post Infection Checkin
et-open
command-and-control
ET MALWARE Generic Spambot (often Tibs) Post-Infection Checkin (justcount.net likely)
et-open
command-and-control
ET MALWARE Common Downloader Install Report URL (farfly checkin)
et-open
command-and-control
ET MALWARE Knockbot Proxy Checkin
et-open
command-and-control
ET MALWARE Banload HTTP Checkin Detected (envia.php)
et-open
command-and-control
ET MALWARE DMSpammer HTTP Post Checkin
et-open
command-and-control
ET MALWARE Hitpop.AG/Pophot.az HTTP Checkin
et-open
command-and-control
ET MALWARE Win32.Small.AB or related Post-infection checkin
et-open
command-and-control
ET MALWARE FraudLoad.aww HTTP CnC Post
et-open
command-and-control
ET MALWARE Lop.gfr/Swizzor HTTP Update/Checkin (usually host-domain-lookup.com related)
et-open
command-and-control
ET MALWARE KLog Nick Keylogger Checkin
et-open
command-and-control
ET MALWARE Lost Door Checkin
et-open
command-and-control
ET MALWARE Playtech Downloader Online Gaming Checkin
Showing 1-50 of 3,578