[Discussion] Text in Msgs
Andre Ludwig
aludwig at packetspy.com
Mon Oct 27 15:34:03 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Good idea, as you could use this to pass of binaries (with the right
signature set) into a sandnet.
Andre Ludwig
Matt Jonkman wrote:
> Would anyone be interested in the ability to insert captured text into
> the alert text of an event?
>
> For instance, I was just looking at a few hits on " ET POLICY exe
> download via HTTP". It'd be nice for that to say:
>
> ET POLICY exe download via HTTP
> (down.onlinedowns.net/page/image/yahoons.exe)
>
> Quick way to decide if that was something of interest or not without
> having to dig into payload.
>
> What does everyone think?
>
> Matt
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: ISO-8859-1
wsBVAwUBSQXfbcjAfVnRK9hXAQg57ggAxqkdTrkVLuBvd6NKgS2TX3BwW/MG89y5
MKUq/6fxvSloTLNguG7lhgzrelIaf5C724OAocJrb2WYMqRmmaKoEHdpuGOnt0y3
9zOZaTbYUzNoubv4CBjUvk1TmzLjoTzRKSvj8BI4e7IpqXzj23FgOzkWryvgTYSu
XwJIPq+jurphKm+8R8/S4AsD25igBYu40ULkHErsroPbcP3yWgjGcjtA0Yuu/WBD
zoHXazS5dLApuBM+EBmCh02rKz7W5N2+fJ+RB9NmqqA4wFBv0nGS76q6A9NibfqS
cL6nY5hYenraMisvK2j5a5US8HSustpmV2ln/6JXJSS7HY06fqyp3w==
=bJkv
-----END PGP SIGNATURE-----
More information about the Discussion
mailing list