<div dir="ltr">Ahh! I hear you.<div><br></div><div>I've done some nasty things with nc in sensor testing... :-)</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jun 30, 2015 at 9:45 AM, Oliver Humpage <span dir="ltr"><<a href="mailto:oliver@watershed.co.uk" target="_blank">oliver@watershed.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
On 30 Jun 2015, at 15:42, Brandon Lattin <<a href="mailto:latt0050@umn.edu">latt0050@umn.edu</a>> wrote:<br>
<br>
> nc is great for backdoors, but not exactly my first choice for production configurations.<br>
<br>
</span>I was suggesting for testing, not for actual real use :) Just thought it'd be worth checking the feed to the SIEM was totally clean.<br>
<br>
Admittedly I was assuming nc was installed on their suricata box by default...<br>
<div class="HOEnZb"><div class="h5"><br>
Oliver.<br>
_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" rel="noreferrer" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
Suricata User Conference November 4 & 5 in Barcelona: <a href="http://oisfevents.net" rel="noreferrer" target="_blank">http://oisfevents.net</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr">Brandon Lattin<div>Security Analyst<br><div>University of Minnesota - University Information Security<br>Office: 612-626-6672</div></div></div></div>
</div>