Emerging Threats Threats SID Allocation

1000000-1999999 Reserved for Local Use -- Put your custom rules in this range to avoid conflicts

The following are the reservations for SIDs in the 2000000 space allocated to this project:

2000000-2099999 Emerging Threats Open Rulesets

2100000-2103999 Forked ET Versions of the Original Snort GPL Signatures Originally sids 3464 and prior, forked to be maintained and converted to Suricata

2200000-2200999 Suricata Decoder Events

2210000-2210999 Suricata Stream Events

2220000-2299999 Suricata Reserved

2800000-2899999 Emerging Threats Pro Full Coverage Ruleset -- ETProRules

Dynamicly Updated Rules

2400000-2400999 SpamHaus DROP List — Updated Daily -- SpamHausDROPList

2402000-2402299 Dshield Top Attackers Rules — Updated Daily -- DshieldTopAttackers

2403300-2403499 CIArmy.com Top Attackers Rules — Updated Daily - See http://www.ciarmy.com#list -- CiArmy?

2404000-2405999 Shadowserver.org Bot C&C List — Updated Daily -- BotCC

2404000-2405999 Shadowserver.org Bot C&C List Grouped by Port — Updated Daily -- BotCC

2406000-2406999 Russian Business Network Known Nets --- OBSOLETED -- RussianBusinessNetwork

2408000-2408499 Russian Business Network Known Malvertisers --- OBSOLETED -- RussianBusinessNetwork

2520000-2521999 Tor Exit Nodes List Updated Daily -- TorRules

2522000-2524999 Tor Relay Nodes List (NOT Exit nodes) Updated Daily -- TorRules

2525000-2526999 ET 3CORESec Poor Reputation Updated Daily -- 3CORESec

2527000-2528999 ET Threatview.io High Confidence Cobalt Strike C2 Updated Daily -- threatview_io

Topic revision: r19 - 2021-12-08 - PhilSchroeder
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats