Get a Pentest and security assessment of your IT network.

News

Rule Performance Part One: Content Matches

Snort sensors are constantly reviewing rule performance data. The first and perhaps most important common common error is a lack of a long, unique content match. Snort takes the first, longest content match in a rule, and places it in the appropriate fast-pattern matcher. The PCRE engine is very useful, but we dont want to pay the penalty of its use without ensuring we have a chance to detect. The rule detects a 2006 vulnerability in Microsofts Vector Graphics Rendering.”]

Source: https://blog.talosintelligence.com/2009/07/rule-performance-part-one-content.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2