« Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures. | Main | Opera Browser has several Javascript vulnerabilities »

Cgisecurity.com IDS rules used in Snort 1.8.2

I recently wrote some IDS rule sets I found to be useful
for snort that would help detect known, and unknown
port80 attacks. I submitted these rules to snort.org
and they liked them so much they are now included
in the newest release.

These rules were based from cgisecurity.com's paper #3
which will be released later today.

A copy of these new rules are below.



Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Post a comment

Remember personal info?