Structure and Operation of the Snort IDS

Diploma thesis - Computers, programming


# ... your rule set
include $RULE_PATH/local.rules
include $RULE_PATH/bad-traffic.rules
include $RULE_PATH/exploit.rules
include $RULE_PATH/scan.rules
include $RULE_PATH/finger.rules
include $RULE_PATH/ftp.rules
include $RULE_PATH/telnet.rules
include $RULE_PATH/rpc.rules
include $RULE_PATH/rservices.rules
include $RULE_PATH/dos.rules
include $RULE_PATH/ddos.rules
include $RULE_PATH/dns.rules
include $RULE_PATH/tftp.rules
include $RULE_PATH/web-cgi.rules
include $RULE_PATH/web-coldfusion.rules
include $RULE_PATH/web-iis.rules
include $RULE_PATH/web-frontpage.rules
include $RULE_PATH/web-misc.rules
include $RULE_PATH/web-client.rules
include $RULE_PATH/web-php.rules
include $RULE_PATH/sql.rules
include $RULE_PATH/x11.rules
include $RULE_PATH/icmp.rules
include $RULE_PATH/netbios.rules
include $RULE_PATH/misc.rules
include $RULE_PATH/attack-responses.rules
include $RULE_PATH/oracle.rules
include $RULE_PATH/mysql.rules
include $RULE_PATH/snmp.rules
include $RULE_PATH/smtp.rules
include $RULE_PATH/imap.rules
include $RULE_PATH/pop2.rules
include $RULE_PATH/pop3.rules
include $RULE_PATH/nntp.rules
include $RULE_PATH/other-ids.rules
include $RULE_PATH/experimental.rules

Appendix 2

alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"SCAN FIN"; flow:stateless; flags:F,12; reference:arachnids,27; classtype:attempted-recon; sid:621; rev:8;)
alert tcp any any -> $HOME_NET $SMB (msg:"SMB attack!"; content:"|0A 2D 42 C8|"; sid:1000004; rev:2;)
alert ip $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS IGMP dos attack"; fragbits:M+; ip_proto:2; metadata:policy security-ips drop; reference:bugtraq,514; reference:cve,1999-0918; reference:url,www.microsoft.com/technet/security/bulletin/MS99-034.mspx; classtype:attempted-dos; sid:272; rev:12;)
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS ath"; itype:8; content:"+++ath"; nocase; metadata:policy balanced-ips drop, policy security-ips drop; reference:arachnids,264; reference:cve,1999-1228; classtype:attempted-dos; sid:274; rev:8;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 7070 (msg:"DOS Real Audio Server"; flow:to_server,established; content:"|FF F4 FF FD 06|"; metadata:policy security-ips drop; reference:cve,1999-0271; reference:nessus,10183; classtype:attempted-dos; sid:276; rev:8;)
alert tcp $EXTERNAL_NET any -> $TELNET_SERVERS 23 (msg:"TELNET SGI telnetd format bug"; flow:to_server,established; content:"_RLD"; content:"bin/sh"; metadata:policy balanced-ips drop, policy security-ips drop, service telnet; reference:arachnids,304; reference:bugtraq,1572; reference:cve,2000-0733; classtype:attempted-admin; sid:711; rev:11;)
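As an added example (not part of the thesis or of Snort itself), a small Python parser for the rule syntax used in Appendix 2: it splits the header fields, decodes |..| hex spans in content into the bytes the engine will match, records the sid, and flags msg/content values that are not enclosed in double quotes as the rule syntax requires. The two sample rules are constructed here from the appendix listing; the SMB rule is given in its unquoted form to show the check firing.

```python
import re
# Constructed sample in Appendix 2's syntax: a well-formed rule and one with unquoted msg/content.
SAMPLE_RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 7070 (msg:"DOS Real Audio Server"; '
    'flow:to_server,established; content:"|FF F4 FF FD 06|"; classtype:attempted-dos; sid:276; rev:8;)',
    'alert tcp any any -> $HOME_NET $SMB (msg:SMB attack!; content: |0A 2D 42 C8|; sid: 1000004; rev:2;)',
]

# Rule header: action proto src sport direction dst dport, then the option body in parentheses.
HEADER_RE = re.compile(
    r'^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+'
    r'(?P<dir>->|<>)\s+(?P<dst>\S+)\s+(?P<dport>\S+)\s*\((?P<opts>.*)\)\s*$'
)

def decode_content(value):
    """Turn a Snort content string into bytes: text between |..| is hex, the rest literal."""
    out = bytearray()
    for i, part in enumerate(value.split('|')):
        if i % 2:                                  # odd segments sit between the pipes
            out += bytes.fromhex(part.replace(' ', ''))
        else:
            out += part.encode('latin-1')
    return bytes(out)

def parse_rule(text):
    """Return header fields, options, decoded content patterns, sid and syntax problems."""
    m = HEADER_RE.match(text)
    if not m:
        raise ValueError('not a Snort rule: ' + text[:40])
    rule = {k: m.group(k) for k in ('action', 'proto', 'src', 'sport', 'dir', 'dst', 'dport')}
    rule.update(options=[], contents=[], problems=[], sid=None)
    # Options are ';'-separated; a literal ';' inside a value is escaped as '\;'.
    for opt in re.split(r'(?<!\\);', m.group('opts')):
        if not opt.strip():
            continue
        name, _, val = opt.partition(':')
        name, val = name.strip(), val.strip()
        rule['options'].append((name, val))
        if name in ('msg', 'content'):
            if len(val) < 2 or val[0] != '"' or val[-1] != '"':
                rule['problems'].append(name + ' value must be enclosed in double quotes')
            elif name == 'content':
                rule['contents'].append(decode_content(val[1:-1]))
        elif name == 'sid':
            rule['sid'] = int(val)
    return rule

def lint_rules(rules):
    """Map each rule's sid to its syntax problems; an empty list means the rule is clean."""
    return {r['sid']: r['problems'] for r in map(parse_rule, rules)}
```

Running lint_rules over a whole rules file before loading it into Snort catches the quoting mistakes that would otherwise make the sensor refuse the file at startup.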