Snort rules are the conditions specified by a Network Administrator that differentiate between normal Internet activities and malicious activities. Snort rules are made up of two basic parts:

* Rule header: This is the part of any rule where the rule’s actions are identified. Alert, Log, Pass, Activate, Dynamic, etc. are some important actions used in snort rules.
* Rule options: This is the part of any rule where the rule’s alert messages are identified.

For example: A Network Administrator has written the following rule:

Alert tcp any -> any 6667 (msg:”IRC port in use”; flow:from_client)

The first portion of the rule specifies the action, which is to examine port 6667 traffic. If a match occurs, a message should be generated that reads “IRC port is in use”, and the IDS would create a record that an IRC port might have been accessed.

Explore More

BurmeseHackers Group Hacked Irrawaddy Online Store

BurmeseHackers Group Hacked Irrawaddy Online Store Last night a hacker group named “BurmeseHackers” hacked Irrawaddy Online Store owned by Irrawaddy News Magaine, The Irrawaddy magazine and its Web site cover

Read More

Expert Tips for Keeping Google Hacks at Bay

The first step for protecting yourself from something is knowing how that something works. In the case of Google hacking, you will have to learn how it can be used

Read More

Prevent spam in your Gmail account

Are you worried about spam in your precious gmail account ? If yes, then you would like to consider making aliases of your gmail id to use when you’re not

Read More