Rules
Crusoe Researches donate azwalaro rule for detecting Safari Windows DoS
Crusoe Researches donate azwalaro rule for detecting IE html Style crashie vulnerability (related to ICQ)
Interisting Azwalaro rules :
ip.checksum_bad
ip.flags.rb
ip.fragment.error
ip.fragment.multipletails
ip.fragment.overlap.conflict
ip.fragment.toolongfragment
ip.ttl <=3
tcp.analysis.out_of_order
tcp.checksum_bad
tcp.flags.syn and tcp.flags.fin
tcp.segment.error
tcp.segment.overlap.conflict
tcp.segment.toolongfragment
icmp.checksum_bad
icmp.code>18
malformed
another Azwalaro rules by Security Alert:
http.request.uri contains "%0D%OA" # "cve2006-4624"
lower(http) contains "<script" and lower(http) contains "unescape"