- The Autoshun Shun List
- Autoshun Plugin
- Snort p0f Plugin
- Pepper Jack's Recommendations. This is a Snort source tree with p0f, timeofday, dayofweek, bastardlist, snortsam, and autoshun plug-ins already built-in.
- Pepper Jack's Snort plug-ins
- Interesting snort rulesets
- Wildcard "*" DNS snort rules
- Pedantic Blackhole DNS snort rules
- Regex-from-hell Blackhole DNS snort rules
only use one of the bh dns rulesets - Rules to alert on communications with one of the known storm C&C addresses
- snort rules for the Dec2008 IE7 exploit domains
- more detailed snort rules for the conficker worm domains
- more efficient snort rules for the conficker worm domains
- snort rules to alert on Zeus C&C IP addrs
- snort rules to alert on Zeus C&C domain Names
- snort rules to alert on Conficker domain Names
- Old arachnids stuff, just to see how it used to be done
- vision.conf 422 rules from October 2000
- vision18.conf the last (I think) ruleset from arachnids, 545 rules from July 2001
- Pepper Jack's LibChart-1.2 patches. The charts on this page were made (mostly) with libchart. I had to make some changes to libchart in order to get the vertical aspect ratio and the stacked line charts. Here is the patch. Or if you prefer, the already patched PHP source code.
MD5Sum Page
MD5 Sums for various downloads.
Patch files
(snort 2-4 version is no longer being maintained)
17e7bc12ed1cecd641325fd1ed13e74f Feb 22 2007 Snort-2.4-AutoshunPatch.tgz
(snort 2-6 version will only be updated for serious defects)
e409ed8286453e51991b2353dfd80795 Jan 28 2008 Snort-2.6-AutoshunPatch.tgz
d562a2c2856c530c9f81de2e24de7863 Jan 28 2008 Snort-2.8-AutoshunPatch.tgz
(p0f patch is only compatible with snort 2.6, but is still actively supported in the "PrePatched" source tree, below)
eeb250972b7e9020acf6703a1e5786f1 Feb 27 2007 Snort-P0f-plugin.tgz
PrePatched Snort source Trees
(snort 2-6 version will only be updated for serious defects)
7a90714412fd32337718778f1941de15 Jan 28 2008 snort-2.6.1.3-Patched_2_perfection.tgz
3c9524ac239fbb05dbb8ae4b6ae8fbc9 Jan 28 2008 snort-2.8.0.1-Patched_2_perfection.tgz
