« Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures. | Main | Opera Browser has several Javascript vulnerabilities »

Cgisecurity.com IDS rules used in Snort 1.8.2

I recently wrote some IDS rule sets I found to be useful
for snort that would help detect known, and unknown
port80 attacks. I submitted these rules to snort.org
and they liked them so much they are now included
in the newest release.

These rules were based from cgisecurity.com's paper #3
which will be released later today.

A copy of these new rules are below.



Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!