Bleeding Edge of Snort

A new Web site is available for those of you who use Snort IDS. The site offers new snort rules that aren't necessarily part of the regular Snort rules distribution.

ITPro Today

October 10, 2004

1 Min Read
ITPro Today logo in a gray background | ITPro Today

A new Web site, The Bleeding Edge of Snort, is available for those who use Snort IDS.  Among other things, the site offers new Snort rules that aren't necessarily part of the regular Snort rules distribution.

For example, there are intrusion detection rules for the issues that were recently discovered in ASP.NET.  There are also rules to detect certain denial of service (DoS) attacks against Cisco routers, DoS attacks against Microsoft SMS, buffer overflows in Adobe Acrobat Reader, almost two dozen rules that detect exploits against Internet Explorer (IE), over a dozen rules to detect exploits against Internet Information Server (IIS), rules for Microsoft SQL Server exploits, rules to help protect against various file downloads such as registry files, executables, DLLs, and a much more. The Snort rules are freely available to the public and new rules can be contributed by anyone.

The site is run by numerous contributors and sponsored by Vortek Hosting, infotex, and Applied Watch Technologies. Also available at the site are message boards, news feeds, new files announcements, and more.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like