Suricata done

root
2026-03-22 10:41:11 +00:00
parent 79be50b220
commit e407142f66
2 changed files with 2247 additions and 0 deletions

5
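--- a/suricata.rules
+++ b/suricata.rules
@@ -0,0 +1,5 @@
+drop tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET"; flags:S; threshold:type both, track by_src, count 5, seconds 60; classtype:attempted-recon; sid:1000001; rev:1;)
+drop tcp any any -> any 80 (msg:"SQL injection"; content:"union"; nocase; content:"select"; nocase; classtype:web-application-attack; sid:1000002; rev:1;)
+drop tcp any any -> any 80 (msg:"SQl injection"; content:"'or 1=1"; nocase; classtype:web-application-attack; sid:1000003; rev:1;)
+drop tcp any any -> any 80 (msg:"XSS"; content:"<script"; nocase; classtype:web-application-attack; sid:1000004; rev:1;)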
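Review bot: Rules 1000002–1000004 match their `content` strings against the raw TCP payload of any packet to port 80, with no `flow` constraint and no HTTP buffer, and the action is `drop`. An ordinary request whose text merely contains "union" and "select" is therefore blocked, while percent-encoded forms of `'or 1=1` and `<script` in a URL are not matched at all. Assuming Suricata 5 or later, anchor each match in a normalised HTTP buffer and run as `alert` until the false-positive rate is known, e.g. `alert http any any -> $HOME_NET any (msg:"SQLi UNION SELECT in URI"; flow:established,to_server; http.uri; content:"union"; nocase; content:"select"; nocase; distance:0; classtype:web-application-attack; sid:1000002; rev:2;)`. Rule 1000001 carries the same over-blocking risk, since five SYNs from one source in 60 seconds is normal for a browser opening parallel connections, and its `msg:"ET"` tells an analyst nothing about what fired. Rules 1000002 and 1000003 also share one message apart from the "SQl" typo, so their alerts are hard to tell apart in the log.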

2242
suricata.yaml Normal file

File diff suppressed because it is too large Load Diff