bad-traffic.rules
# Autogenerated skeleton rules file. Do NOT edit by hand
alert udp any 53 <> any any (msg:"BAD-TRAFFIC dns cache poisoning attempt"; sid:13667; gid:3; rev:3; classtype:misc-attack; reference:cve,2008-0087; reference:url,www.microsoft.com/technet/security/bulletin/MS08-020.mspx; reference:cve,2008-1447; reference:url,www.microsoft.com/technet/security/bulletin/MS08-037.mspx; reference:cve,1999-0024; reference:url,www.kb.cert.org/vuls/id/800113; metadata: engine shared, soid 3|13667;)
alert udp $HOME_NET 67 <> $HOME_NET 68 (msg:"BAD-TRAFFIC invalid dhcp offer denial of service attempt"; sid:13450; gid:3; rev:1; classtype:attempted-dos; reference:cve,2008-0084; reference:url,www.microsoft.com/technet/security/bulletin/ms08-004.mspx; metadata: engine shared, soid 3|13450;)
alert udp $EXTERNAL_NET 53 -> $HOME_NET any (msg:"BAD-TRAFFIC dns root nameserver poisoning attempt"; sid:13887; gid:3; rev:5; classtype:misc-attack; reference:cve,2008-1454; reference:url,www.microsoft.com/technet/security/bulletin/MS08-037.mspx; metadata: engine shared, soid 3|13887, policy balanced-ips drop, policy security-ips drop;)
alert ip $EXTERNAL_NET any -> $HOME_NET any (msg:"BAD-TRAFFIC linux ICMP header dos attempt"; sid:13307; gid:3; rev:1; classtype:denial-of-service; reference:url,www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3; reference:cve,2006-0454; reference:bugtraq,16532; metadata: engine shared, soid 3|13307;)
alert ip any any <> any any (msg:"BAD-TRAFFIC Windows remote kernel tcp/ip igmp vulnerability exploit attempt"; sid:13287; gid:3; rev:2; classtype:attempted-admin; reference:cve,2007-0069; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-001.mspx; metadata: engine shared, soid 3|13287;)
alert icmp $HOME_NET any <> 224.0.0.1 any (msg:"BAD-TRAFFIC Windows remote kernel tcp/ip icmp vulnerability exploit attempt"; sid:13288; gid:3; rev:2; classtype:attempted-admin; reference:cve,2007-0066; reference:url,www.microsoft.com/technet/security/Bulletin/MS08-001.mspx; metadata: engine shared, soid 3|13288;)
alert ip $EXTERNAL_NET any -> $HOME_NET any (msg:"BAD-TRAFFIC PGM nak list overflow attempt"; sid:8351; gid:3; rev:4; classtype:attempted-admin; reference:url,www.microsoft.com/technet/security/bulletin/ms06-052.mspx; reference:cve,2006-3442; reference:bugtraq,19922; metadata: engine shared, soid 3|8351;)