Shellcode
These signatures are based on shellcode that is common ammong multiple publicly available exploits.

Because these signatures check ALL traffic for shellcode, these signatures are disabled by default. There is a LARGE performance hit by enabling these signatures.