Emerging Threats
- Vielzahl von IDS/IPS-Regelsätzen
siehe https://doc.emergingthreats.net/bin/view/Main/AboutEmergingThreats
Versionen
| Version |
Beschreibung
|
| ET Open |
frei, BSD-lizenziert
|
| ET Pro Telemetrie |
kostenpflichtig
|
ET Open
- OPNsense hat eine integrierte Unterstützung für ETOpen-Regeln
- Proofpoint bietet eine kostenlose Alternative für den bekannten ET Pro Telemetry edition Regelsatz
- Kann in Machen Umgebungen nicht ausreichend sein
| Regelwerk |
Beschreibung
|
| ET open/botcc |
https://doc.emergingthreats.net/bin/view/Main/EmergingFAQ
|
| ET open/botcc.portgrouped |
|
| ET open/ciarmy |
|
| ET open/compromised |
|
| ET open/drop |
|
| ET open/dshield |
|
| ET open/emerging-activex |
|
| ET open/emerging-adware_pup |
|
| ET open/emerging-attack_response |
|
| ET open/emerging-chat |
|
| ET open/emerging-coinminer |
|
| ET open/emerging-current_events |
|
| ET open/emerging-deleted |
|
| ET open/emerging-dns |
|
| ET open/emerging-dos |
|
| ET open/emerging-exploit |
|
| ET open/emerging-exploit_kit |
|
| ET open/emerging-ftp |
|
| ET open/emerging-games |
|
| ET open/emerging-hunting |
|
| ET open/emerging-icmp |
|
| ET open/emerging-icmp_info |
|
| ET open/emerging-imap |
|
| ET open/emerging-inappropriate |
|
| ET open/emerging-info |
|
| ET open/emerging-ja3 |
|
| ET open/emerging-malware |
|
| ET open/emerging-misc |
|
| ET open/emerging-mobile_malware |
|
| ET open/emerging-netbios |
|
| ET open/emerging-p2p |
|
| ET open/emerging-phishing |
|
| ET open/emerging-policy |
|
| ET open/emerging-pop3 |
|
| ET open/emerging-rpc |
|
| ET open/emerging-scada |
|
| ET open/emerging-scan |
|
| ET open/emerging-shellcode |
|
| ET open/emerging-smtp |
|
| ET open/emerging-snmp |
|
| ET open/emerging-sql |
|
| ET open/emerging-telnet |
|
| ET open/emerging-tftp |
|
| ET open/emerging-user_agents |
|
| ET open/emerging-voip |
|
| ET open/emerging-web_client |
|
| ET open/emerging-web_server |
|
| ET open/emerging-web_specific_apps |
|
| ET open/emerging-worm |
|
| ET open/tor |
|
- Details und Richtlinien
- Dokumentation der Regeln
ET Pro Telemetrie
App-Erkennung
- Blockieren von Webdiensten
- und entsprechenden URLs
- 80 Prozent des Datenverkehrs sind Webanwendungen
- Weitere Informationen
| Regelwerk |
Beschreibung
|
| OPNsense-App-detect/file-transfer |
|
| OPNsense-App-detect/mail |
|
| OPNsense-App-detect/media-streaming |
|
| OPNsense-App-detect/messaging |
|
| OPNsense-App-detect/social-networking |
|
| OPNsense-App-detect/test |
|
| OPNsense-App-detect/uncategorized |
|