ids:emerging_threats:emerging_threat_categories
ids:emerging_threats:emerging_threat_categories [2021/07/20 11:55] – peter | ids:emerging_threats:emerging_threat_categories [2021/07/20 13:45] (current) – removed peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== IDS - Emerging Threats - Emerging Threat Categories ====== | ||
- | [[IDS: | ||
- | |||
- | ^Category^Description^Reference^ | ||
- | |3CORESec|Generated automatically from the 3CORESec team IP block lists; based on malicious activity from their Honeypots.|https:// | ||
- | |ActiveX|Protects against attacks and exploits against Microsoft ActiveX controls.|| | ||
- | |Adware-PUP|Ad tracking and spyware related activity.|| | ||
- | |Attack Response|Identifies responses indicative of intrusion; such as LMHost file download, presence of certain web banners and the detection of Metasploit Meterpreter kill command.|| | ||
- | |Botcc (Bot Command and Control)|Autogenerated from several sources of known and confirmed active botnet and other Command and Control (C2) hosts.|https:// | ||
- | |Botcc Portgrouped|Similar to the Botcc category but grouped by destination port. Rules grouped by port can offer higher fidelity than those not grouped by port.|| | ||
- | | | ||
- | |||
- | |||
- | ---- | ||
- | |||
- | ===== References ===== | ||
- | |||
- | https:// |
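Review bot: the edit summary on the newer revision is only "removed", and this hunk deletes the whole page (the category table from 3CORESec to Botcc Portgrouped plus the References section) without leaving a redirect or a link to wherever the Emerging Threats category descriptions now live. If the content moved, keep a one-line pointer to the new page here and name the destination in the summary; if it was dropped because it was incomplete (the last table row is empty), say that in the summary so anyone landing on the old revision knows it was never finished.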
ids/emerging_threats/emerging_threat_categories.1626782112.txt.gz · Last modified: 2021/07/20 11:55 by peter