snort-vrt.xml
<?xml version="1.0"?>
<!--
  Rule-source descriptor for the Snort VRT rule set: where the rule archive is
  downloaded from, which rule files it offers, and which settings feed the
  download URL. documentation_url points at the upstream rule explanations.
-->
<ruleset documentation_url="https://www.snort.org/rules_explanation">
<!--
  Download location. The %%...%% tokens carry the names of the two properties
  declared at the end of this file; presumably the consumer substitutes their
  values before fetching (confirm against the code that reads this file).
  NOTE(review): the oinkcode (the per-account download key issued by snort.org)
  travels in the query string, so the expanded URL is itself a secret: keep it
  out of application logs, proxy access logs, error messages and support dumps.
  This descriptor carries no checksum or signature for the archive, so its
  integrity rests on the HTTPS connection unless the consumer verifies it
  elsewhere.
-->
<location url="https://www.snort.org/rules/%%snort_vrt.rulesfile%%?oinkcode=%%snort_vrt.oinkcode%%" prefix="Snort VRT"/>
<!--
  One <file> per rule category. description is the category label, url has the
  form inline::rules/NAME.rules (presumably a member of the downloaded archive;
  confirm against the consumer), and the element text is the same file name
  with a snort_vrt. prefix (presumably the name it is stored under locally).
  The list is fixed in this file and nothing here discovers categories from the
  archive, so review it whenever rulesfile is moved to another snapshot.
-->
<files>
<file description="app-detect" url="inline::rules/app-detect.rules">snort_vrt.app-detect.rules</file>
<file description="attack-responses" url="inline::rules/attack-responses.rules">snort_vrt.attack-responses.rules</file>
<file description="backdoor" url="inline::rules/backdoor.rules">snort_vrt.backdoor.rules</file>
<file description="bad-traffic" url="inline::rules/bad-traffic.rules">snort_vrt.bad-traffic.rules</file>
<file description="blacklist" url="inline::rules/blacklist.rules">snort_vrt.blacklist.rules</file>
<file description="botnet-cnc" url="inline::rules/botnet-cnc.rules">snort_vrt.botnet-cnc.rules</file>
<file description="browser-chrome" url="inline::rules/browser-chrome.rules">snort_vrt.browser-chrome.rules</file>
<file description="browser-firefox" url="inline::rules/browser-firefox.rules">snort_vrt.browser-firefox.rules</file>
<file description="browser-ie" url="inline::rules/browser-ie.rules">snort_vrt.browser-ie.rules</file>
<file description="browser-other" url="inline::rules/browser-other.rules">snort_vrt.browser-other.rules</file>
<file description="browser-plugins" url="inline::rules/browser-plugins.rules">snort_vrt.browser-plugins.rules</file>
<file description="browser-webkit" url="inline::rules/browser-webkit.rules">snort_vrt.browser-webkit.rules</file>
<file description="chat" url="inline::rules/chat.rules">snort_vrt.chat.rules</file>
<file description="content-replace" url="inline::rules/content-replace.rules">snort_vrt.content-replace.rules</file>
<file description="ddos" url="inline::rules/ddos.rules">snort_vrt.ddos.rules</file>
<file description="deleted" url="inline::rules/deleted.rules">snort_vrt.deleted.rules</file>
<file description="dns" url="inline::rules/dns.rules">snort_vrt.dns.rules</file>
<file description="dos" url="inline::rules/dos.rules">snort_vrt.dos.rules</file>
<file description="experimental" url="inline::rules/experimental.rules">snort_vrt.experimental.rules</file>
<file description="exploit-kit" url="inline::rules/exploit-kit.rules">snort_vrt.exploit-kit.rules</file>
<file description="exploit" url="inline::rules/exploit.rules">snort_vrt.exploit.rules</file>
<file description="file-executable" url="inline::rules/file-executable.rules">snort_vrt.file-executable.rules</file>
<file description="file-flash" url="inline::rules/file-flash.rules">snort_vrt.file-flash.rules</file>
<file description="file-identify" url="inline::rules/file-identify.rules">snort_vrt.file-identify.rules</file>
<file description="file-image" url="inline::rules/file-image.rules">snort_vrt.file-image.rules</file>
<file description="file-java" url="inline::rules/file-java.rules">snort_vrt.file-java.rules</file>
<file description="file-multimedia" url="inline::rules/file-multimedia.rules">snort_vrt.file-multimedia.rules</file>
<file description="file-office" url="inline::rules/file-office.rules">snort_vrt.file-office.rules</file>
<file description="file-other" url="inline::rules/file-other.rules">snort_vrt.file-other.rules</file>
<file description="file-pdf" url="inline::rules/file-pdf.rules">snort_vrt.file-pdf.rules</file>
<file description="finger" url="inline::rules/finger.rules">snort_vrt.finger.rules</file>
<file description="ftp" url="inline::rules/ftp.rules">snort_vrt.ftp.rules</file>
<file description="icmp-info" url="inline::rules/icmp-info.rules">snort_vrt.icmp-info.rules</file>
<file description="icmp" url="inline::rules/icmp.rules">snort_vrt.icmp.rules</file>
<file description="imap" url="inline::rules/imap.rules">snort_vrt.imap.rules</file>
<file description="indicator-compromise" url="inline::rules/indicator-compromise.rules">snort_vrt.indicator-compromise.rules</file>
<file description="indicator-obfuscation" url="inline::rules/indicator-obfuscation.rules">snort_vrt.indicator-obfuscation.rules</file>
<file description="indicator-scan" url="inline::rules/indicator-scan.rules">snort_vrt.indicator-scan.rules</file>
<file description="indicator-shellcode" url="inline::rules/indicator-shellcode.rules">snort_vrt.indicator-shellcode.rules</file>
<file description="info" url="inline::rules/info.rules">snort_vrt.info.rules</file>
<file description="local" url="inline::rules/local.rules">snort_vrt.local.rules</file>
<file description="malware-backdoor" url="inline::rules/malware-backdoor.rules">snort_vrt.malware-backdoor.rules</file>
<file description="malware-cnc" url="inline::rules/malware-cnc.rules">snort_vrt.malware-cnc.rules</file>
<file description="malware-other" url="inline::rules/malware-other.rules">snort_vrt.malware-other.rules</file>
<file description="malware-tools" url="inline::rules/malware-tools.rules">snort_vrt.malware-tools.rules</file>
<file description="misc" url="inline::rules/misc.rules">snort_vrt.misc.rules</file>
<file description="multimedia" url="inline::rules/multimedia.rules">snort_vrt.multimedia.rules</file>
<file description="mysql" url="inline::rules/mysql.rules">snort_vrt.mysql.rules</file>
<file description="netbios" url="inline::rules/netbios.rules">snort_vrt.netbios.rules</file>
<file description="nntp" url="inline::rules/nntp.rules">snort_vrt.nntp.rules</file>
<file description="oracle" url="inline::rules/oracle.rules">snort_vrt.oracle.rules</file>
<file description="os-linux" url="inline::rules/os-linux.rules">snort_vrt.os-linux.rules</file>
<file description="os-mobile" url="inline::rules/os-mobile.rules">snort_vrt.os-mobile.rules</file>
<file description="os-other" url="inline::rules/os-other.rules">snort_vrt.os-other.rules</file>
<file description="os-solaris" url="inline::rules/os-solaris.rules">snort_vrt.os-solaris.rules</file>
<file description="os-windows" url="inline::rules/os-windows.rules">snort_vrt.os-windows.rules</file>
<file description="other-ids" url="inline::rules/other-ids.rules">snort_vrt.other-ids.rules</file>
<file description="p2p" url="inline::rules/p2p.rules">snort_vrt.p2p.rules</file>
<file description="phishing-spam" url="inline::rules/phishing-spam.rules">snort_vrt.phishing-spam.rules</file>
<file description="policy-multimedia" url="inline::rules/policy-multimedia.rules">snort_vrt.policy-multimedia.rules</file>
<file description="policy-other" url="inline::rules/policy-other.rules">snort_vrt.policy-other.rules</file>
<file description="policy-social" url="inline::rules/policy-social.rules">snort_vrt.policy-social.rules</file>
<file description="policy-spam" url="inline::rules/policy-spam.rules">snort_vrt.policy-spam.rules</file>
<file description="policy" url="inline::rules/policy.rules">snort_vrt.policy.rules</file>
<file description="pop2" url="inline::rules/pop2.rules">snort_vrt.pop2.rules</file>
<file description="pop3" url="inline::rules/pop3.rules">snort_vrt.pop3.rules</file>
<file description="protocol-dns" url="inline::rules/protocol-dns.rules">snort_vrt.protocol-dns.rules</file>
<file description="protocol-finger" url="inline::rules/protocol-finger.rules">snort_vrt.protocol-finger.rules</file>
<file description="protocol-ftp" url="inline::rules/protocol-ftp.rules">snort_vrt.protocol-ftp.rules</file>
<file description="protocol-icmp" url="inline::rules/protocol-icmp.rules">snort_vrt.protocol-icmp.rules</file>
<file description="protocol-imap" url="inline::rules/protocol-imap.rules">snort_vrt.protocol-imap.rules</file>
<file description="protocol-nntp" url="inline::rules/protocol-nntp.rules">snort_vrt.protocol-nntp.rules</file>
<file description="protocol-other" url="inline::rules/protocol-other.rules">snort_vrt.protocol-other.rules</file>
<file description="protocol-pop" url="inline::rules/protocol-pop.rules">snort_vrt.protocol-pop.rules</file>
<file description="protocol-rpc" url="inline::rules/protocol-rpc.rules">snort_vrt.protocol-rpc.rules</file>
<file description="protocol-scada" url="inline::rules/protocol-scada.rules">snort_vrt.protocol-scada.rules</file>
<file description="protocol-services" url="inline::rules/protocol-services.rules">snort_vrt.protocol-services.rules</file>
<file description="protocol-snmp" url="inline::rules/protocol-snmp.rules">snort_vrt.protocol-snmp.rules</file>
<file description="protocol-telnet" url="inline::rules/protocol-telnet.rules">snort_vrt.protocol-telnet.rules</file>
<file description="protocol-tftp" url="inline::rules/protocol-tftp.rules">snort_vrt.protocol-tftp.rules</file>
<file description="protocol-voip" url="inline::rules/protocol-voip.rules">snort_vrt.protocol-voip.rules</file>
<file description="pua-adware" url="inline::rules/pua-adware.rules">snort_vrt.pua-adware.rules</file>
<file description="pua-other" url="inline::rules/pua-other.rules">snort_vrt.pua-other.rules</file>
<file description="pua-p2p" url="inline::rules/pua-p2p.rules">snort_vrt.pua-p2p.rules</file>
<file description="pua-toolbars" url="inline::rules/pua-toolbars.rules">snort_vrt.pua-toolbars.rules</file>
<file description="rpc" url="inline::rules/rpc.rules">snort_vrt.rpc.rules</file>
<file description="rservices" url="inline::rules/rservices.rules">snort_vrt.rservices.rules</file>
<file description="scada" url="inline::rules/scada.rules">snort_vrt.scada.rules</file>
<file description="scan" url="inline::rules/scan.rules">snort_vrt.scan.rules</file>
<file description="server-apache" url="inline::rules/server-apache.rules">snort_vrt.server-apache.rules</file>
<file description="server-iis" url="inline::rules/server-iis.rules">snort_vrt.server-iis.rules</file>
<file description="server-mail" url="inline::rules/server-mail.rules">snort_vrt.server-mail.rules</file>
<file description="server-mssql" url="inline::rules/server-mssql.rules">snort_vrt.server-mssql.rules</file>
<file description="server-mysql" url="inline::rules/server-mysql.rules">snort_vrt.server-mysql.rules</file>
<file description="server-oracle" url="inline::rules/server-oracle.rules">snort_vrt.server-oracle.rules</file>
<file description="server-other" url="inline::rules/server-other.rules">snort_vrt.server-other.rules</file>
<file description="server-samba" url="inline::rules/server-samba.rules">snort_vrt.server-samba.rules</file>
<file description="server-webapp" url="inline::rules/server-webapp.rules">snort_vrt.server-webapp.rules</file>
<file description="shellcode" url="inline::rules/shellcode.rules">snort_vrt.shellcode.rules</file>
<file description="smtp" url="inline::rules/smtp.rules">snort_vrt.smtp.rules</file>
<file description="snmp" url="inline::rules/snmp.rules">snort_vrt.snmp.rules</file>
<file description="specific-threats" url="inline::rules/specific-threats.rules">snort_vrt.specific-threats.rules</file>
<file description="spyware-put" url="inline::rules/spyware-put.rules">snort_vrt.spyware-put.rules</file>
<file description="sql" url="inline::rules/sql.rules">snort_vrt.sql.rules</file>
<file description="telnet" url="inline::rules/telnet.rules">snort_vrt.telnet.rules</file>
<file description="tftp" url="inline::rules/tftp.rules">snort_vrt.tftp.rules</file>
<file description="virus" url="inline::rules/virus.rules">snort_vrt.virus.rules</file>
<file description="voip" url="inline::rules/voip.rules">snort_vrt.voip.rules</file>
<file description="web-activex" url="inline::rules/web-activex.rules">snort_vrt.web-activex.rules</file>
<file description="web-attacks" url="inline::rules/web-attacks.rules">snort_vrt.web-attacks.rules</file>
<file description="web-cgi" url="inline::rules/web-cgi.rules">snort_vrt.web-cgi.rules</file>
<file description="web-client" url="inline::rules/web-client.rules">snort_vrt.web-client.rules</file>
<file description="web-coldfusion" url="inline::rules/web-coldfusion.rules">snort_vrt.web-coldfusion.rules</file>
<file description="web-frontpage" url="inline::rules/web-frontpage.rules">snort_vrt.web-frontpage.rules</file>
<file description="web-iis" url="inline::rules/web-iis.rules">snort_vrt.web-iis.rules</file>
<file description="web-misc" url="inline::rules/web-misc.rules">snort_vrt.web-misc.rules</file>
<file description="web-php" url="inline::rules/web-php.rules">snort_vrt.web-php.rules</file>
<file description="x11" url="inline::rules/x11.rules">snort_vrt.x11.rules</file>
</files>
<!-- Settings whose names appear as %%...%% tokens in the location url above. -->
<properties>
<!--
  Empty by default, so no credential ships in this file. With the default the
  location url carries an empty oinkcode; presumably the download is refused
  until an operator configures one (confirm). Store the configured value with
  the same care as any other API key.
-->
<property name="snort_vrt.oinkcode" default=""/>
<!--
  Default archive name, pinned to a single snapshot.
  NOTE(review): 29200 looks like a Snort engine version (2.9.20.0); confirm it
  matches the engine actually deployed and bump it deliberately, since a stale
  pin would keep the sensor on an outdated rule set.
-->
<property name="snort_vrt.rulesfile" default="snortrules-snapshot-29200.tar.gz"/>
</properties>
</ruleset>