[Discussion] Text in Msgs

• Previous message (by thread): [Discussion] Text in Msgs
• Next message (by thread): [Discussion] Text in Msgs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Good idea, as you could use this to pass of binaries (with the right 
signature set) into a sandnet.

Andre Ludwig

Matt Jonkman wrote:
> Would anyone be interested in the ability to insert captured text into
> the alert text of an event?
>
> For instance, I was just looking at a few hits on " ET POLICY exe
> download via HTTP". It'd be nice for that to say:
>
>  ET POLICY exe download via HTTP
> (down.onlinedowns.net/page/image/yahoons.exe)
>
> Quick way to decide if that was something of interest or not without
> having to dig into payload.
>
> What does everyone think?
>
> Matt
>
>   


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: ISO-8859-1

wsBVAwUBSQXfbcjAfVnRK9hXAQg57ggAxqkdTrkVLuBvd6NKgS2TX3BwW/MG89y5
MKUq/6fxvSloTLNguG7lhgzrelIaf5C724OAocJrb2WYMqRmmaKoEHdpuGOnt0y3
9zOZaTbYUzNoubv4CBjUvk1TmzLjoTzRKSvj8BI4e7IpqXzj23FgOzkWryvgTYSu
XwJIPq+jurphKm+8R8/S4AsD25igBYu40ULkHErsroPbcP3yWgjGcjtA0Yuu/WBD
zoHXazS5dLApuBM+EBmCh02rKz7W5N2+fJ+RB9NmqqA4wFBv0nGS76q6A9NibfqS
cL6nY5hYenraMisvK2j5a5US8HSustpmV2ln/6JXJSS7HY06fqyp3w==
=bJkv
-----END PGP SIGNATURE-----

• Previous message (by thread): [Discussion] Text in Msgs
• Next message (by thread): [Discussion] Text in Msgs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]