You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

History

Juliana Fajardini 21b13c5d2f decode/ipv6: actually set ipv6 pkt too small event The event exists, but it was never set. Disabled the existing rule, to avoid flooding. Bug #7963		2 weeks ago
..
Makefile.am	…
README.md	…
app-layer-events.rules	app-layer: protocol change API	9 years ago
decoder-events.rules	decode/ipv6: actually set ipv6 pkt too small event	2 weeks ago
dhcp-events.rules	…
dnp3-events.rules	…
dns-events.rules	dns: improved handling of corrupt additionals	9 months ago
enip-events.rules	enip: convert to rust	1 year ago
files.rules	rules: spelling	2 years ago
ftp-events.rules	ftp: add events for command too long	3 years ago
http-events.rules	http: Use libhtp-rs.	6 months ago
http2-events.rules	http2: forbid data on stream 0	3 months ago
ipsec-events.rules	rules/ike: fix ike event names that have changed	11 months ago
kerberos-events.rules	Kerberos 5: rename weak crypto to weak encryption, and log it	7 years ago
mdns-events.rules	…
modbus-events.rules	rules/modbus: remove rule for event that not longer exists	11 months ago
mqtt-events.rules	…
nfs-events.rules	…
ntp-events.rules	Add event rules for NTP events	8 years ago
pgsql-events.rules	…
pop3-events.rules	pop3: fix event rule	4 months ago
quic-events.rules	quic: handle fragmented hello over multiple packets	8 months ago
rfb-events.rules	…
smb-events.rules	smb: checks against nbss records length	3 years ago
smtp-events.rules	smtp/events: set direction on rules	7 months ago
ssh-events.rules	rules: add SSH decoder events rules	5 years ago
stream-events.rules	stream: add TCP urgent handling options	10 months ago
tls-events.rules	…
websocket-events.rules	…

README.md

Suricata Reserved SID Allocations

Unless otherwise noted, each component or protocol is allocated 1000 signature IDs.

Components

Component	Start	End
Decoder	2200000	2200999
Stream	2210000	2210999
Generic App-Layer	2260000	2260999

App-Layer Protocols

Protocol	Start	End
SMTP	2220000	2220999
HTTP	2221000	2221999
NTP	2222000	2222999
NFS	2223000	2223999
IPsec	2224000	2224999
SMB	2225000	2225999
Kerberos	2226000	2226999
DHCP	2227000	2227999
SSH	2228000	2228999
MQTT	2229000	2229999
TLS	2230000	2230999
QUIC	2231000	2231999
FTP	2232000	2232999
POP3	2236000	2236999
DNS	2240000	2240999
PGSQL	2241000	2241999
mDNS	2242000	2242999
MODBUS	2250000	2250999
DNP3	2270000	2270999
HTTP2	2290000	2290999