<div dir="ltr"><div><div><div>Yes, I am running Suricata and executing wget <a href="http://old.honeynet.org/scans/scan19/scan19.tar.gz">http://old.honeynet.org/scans/scan19/scan19.tar.gz</a>.<br></div>The tar file has been downloaded to the Suricata file-store. Once I extract it, I get that pcap file.<br></div><div>My expectation is that Suricata calculates the MD5 hash of the file and matches it against the MD5 hash DB.<br><br></div>Thanks<br></div>Srinivas<br><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jul 13, 2017 at 12:00 AM, Cooper F. Nelson <span dir="ltr">&lt;<a href="mailto:cnelson@ucsd.edu" target="_blank">cnelson@ucsd.edu</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div class="m_4949996989535811526moz-cite-prefix">That is a pcap file, not an extracted
      file.  <br>
      <br>
      -Coop<span class=""><br>
      <br>
      On 7/12/2017 11:26 AM, Srinivasreddy R wrote:<br>
    </span></div><span class="">
    <blockquote type="cite">
      <div dir="ltr">
        <div>
          <div>I am able to see some results.<br>
            The MD5 hash I am searching for is:
            38e85119953076c904fd2105dfcb6c<wbr>db<br>
            <br>
            <br>
          </div>
          thanks<br>
        </div>
        srinivas<br>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Wed, Jul 12, 2017 at 11:43 PM,
          Cooper F. Nelson <span dir="ltr">&lt;<a href="mailto:cnelson@ucsd.edu" target="_blank">cnelson@ucsd.edu</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote">What happens if you search for
            the hash here?<br>
            <br>
            > <a href="https://www.virustotal.com/en/#search" rel="noreferrer" target="_blank">https://www.virustotal.com/en/<wbr>#search</a><br>
            <br>
            -Coop</blockquote>
        </div>
      </div>
    </blockquote>
    <p><br>
    </p>
    </span><span class=""><pre class="m_4949996989535811526moz-signature" cols="72">-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
<a class="m_4949996989535811526moz-txt-link-abbreviated" href="mailto:cnelson@ucsd.edu" target="_blank">cnelson@ucsd.edu</a> x41042</pre>
  </span></div>

</blockquote></div><br></div>
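The mismatch discussed in this thread, as an added example that is not part of the original messages: assuming Suricata hashes the file as it was transferred (here the tar.gz) and not files packed inside it, this Python check reports whether a stored file's own MD5 is on a hash list or only the MD5 of a member inside the archive. The archive, the member name `sample.pcap` and the hash list are constructed sample data, and the one-hash-per-line list format is an assumption.

```python
import hashlib
import io
import tarfile


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def load_hash_list(text: str) -> set:
    """Parse a hash list: one hex MD5 per line (assumed format); other lines are skipped."""
    hashes = set()
    for line in text.splitlines():
        token = line.strip().split()[0].lower() if line.strip() else ""
        if len(token) == 32 and all(c in "0123456789abcdef" for c in token):
            hashes.add(token)
    return hashes


def explain_match(stored: bytes, hash_list: set) -> dict:
    """Say whether the stored file itself, or only a member inside it, is listed."""
    file_md5 = md5_hex(stored)
    result = {"file_md5": file_md5, "file_listed": file_md5 in hash_list,
              "members_listed": []}
    try:
        with tarfile.open(fileobj=io.BytesIO(stored), mode="r:*") as tar:
            for member in tar:
                if not member.isfile():
                    continue
                digest = md5_hex(tar.extractfile(member).read())
                if digest in hash_list:
                    result["members_listed"].append((member.name, digest))
    except tarfile.TarError:
        pass  # not a tar archive: only the file-level hash applies
    return result


def build_sample_archive() -> tuple:
    """Constructed stand-in for the download: a tar.gz holding one fake pcap."""
    pcap = b"\xd4\xc3\xb2\xa1" + b"constructed sample capture bytes"
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo(name="sample.pcap")
        info.size = len(pcap)
        tar.addfile(info, io.BytesIO(pcap))
    return buf.getvalue(), pcap


if __name__ == "__main__":
    archive, pcap = build_sample_archive()
    listed = load_hash_list("# constructed list\n" + md5_hex(pcap) + "\n")
    print(explain_match(archive, listed))
```

A result with `file_listed` false and a non-empty `members_listed` means the list holds the hash of the unpacked content, so the list needs the MD5 of the archive as downloaded.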