Snort rules are the conditions specified by a Network Administrator that differentiate between normal Internet activities and malicious activities. Snort rules are made up of two basic parts:

* Rule header: This is the part of any rule where the rule’s actions are identified. Alert, Log, Pass, Activate, Dynamic, etc. are some important actions used in snort rules.
* Rule options: This is the part of any rule where the rule’s alert messages are identified.

For example: A Network Administrator has written the following rule:

Alert tcp any -> any 6667 (msg:”IRC port in use”; flow:from_client)

The first portion of the rule specifies the action, which is to examine port 6667 traffic. If a match occurs, a message should be generated that reads “IRC port is in use”, and the IDS would create a record that an IRC port might have been accessed.

Explore More

More Trojan horse for Apple Mac! Is Mac more insecure than windows?

One more malware have been spotted for the Apple Mac machine. This time Trojan.iServices.B which gets into the system, open the backdoor in Mac machines and connect them to a

Read More

Google Hacking

Using Google, and some finely crafted searches we can find a lot of interesting information.For Example we can find: Credit Card Numbers Passwords Software / MP3’s …… (and on and

Read More

XSS Shell

This script in asp permettedi executing of the commandos taking advantage of a bug of the XSSper greater info you can see the video: Code: http://ferruh.mavituna.com/xssshell/demo/ and the shell: Code:

Read More