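Port scan interface_Port scan snort rules
snort rules
Well. You should go read a book that introduces snort rules, or the official manual, the snort manual.
Every snort rule is divided into a rule header and a rule body. For example, the first rule: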
alert udp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"SNMP missing community string attempt"; content:"|04 00|"; depth:15; offset:5; metadata:service snmp; reference:bugtraq,2112; reference:cve,1999-0517; classtype:misc-attack; sid:1893; rev:6;)
2023-04-07
Port scanning
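The header/body split described in the answer above, as an added example that is not part of the original answer: a small parser that separates a rule into its seven header fields and its body options, using the SNMP rule from the page with the direction operator written as `->`. The names `parse_rule`, `split_options` and `HEADER_FIELDS` are hypothetical, and the parser assumes single-line Snort 2 style rules.

```python
import re

# Rule from the page, with the direction operator written as "->".
RULE = ('alert udp $EXTERNAL_NET any -> $HOME_NET 161 '
        '(msg:"SNMP missing community string attempt"; content:"|04 00|"; '
        'depth:15; offset:5; metadata:service snmp; reference:bugtraq,2112; '
        'reference:cve,1999-0517; classtype:misc-attack; sid:1893; rev:6;)')

HEADER_FIELDS = ("action", "proto", "src", "src_port", "direction", "dst", "dst_port")

def split_options(body):
    """Split the rule body on ';', ignoring ';' inside quotes or escaped as '\\;'."""
    opts, buf, in_quote, i = [], [], False, 0
    while i < len(body):
        ch = body[i]
        if ch == "\\" and i + 1 < len(body):
            buf.append(body[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        if ch == ";" and not in_quote:
            opt = "".join(buf).strip()
            if opt:
                opts.append(opt)
            buf = []
        else:
            buf.append(ch)
        i += 1
    if in_quote or "".join(buf).strip():
        raise ValueError("unterminated option or quote in rule body")
    return opts

def parse_rule(rule):
    """Return (header dict, list of (keyword, value)) for one rule."""
    m = re.match(r"^\s*([^(]+?)\s*\((.*)\)\s*$", rule, re.S)
    if not m:
        raise ValueError("rule has no '(...)' body")
    parts = m.group(1).split()
    if len(parts) != 7 or parts[4] not in ("->", "<>"):
        raise ValueError("header must be: action proto src sport ->|<> dst dport")
    header = dict(zip(HEADER_FIELDS, parts))
    options = []
    for opt in split_options(m.group(2)):
        key, _, val = opt.partition(":")
        options.append((key.strip(), val.strip().strip('"') or None))
    return header, options
```

A header whose direction field is not `->` or `<>` is rejected, which catches rules damaged by copy and paste before they are loaded into a sensor.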