Signature rules

Signature rules are patterns of characters than can be matched against a traffic stream. For example, a signature rule might look for a specific string in an HTTP request. If the string matches one in a known attack, action is taken. These rules provide protection against known attacks.

Signatures are designed for specific applications and for specific operating systems; for example, web servers such as Apache, IIS, and NES/iPlanet. The majority of signatures protect the entire operating system, while some protect specific applications.

Copyright © 2006 McAfee, Inc. All Rights Reserved.