[Oisf-devel] Bit Torrent Traffic
Andreas Herz
andi at geekosphere.org
Sun Oct 23 21:16:42 UTC 2016
On 24/10/16 at 01:16, Steve wrote:
> Hi
>
> I have Suricata set up and detecting various signatures, but I can't
> detect Bit Torrent traffic.
Can you describe your setup in more detail?
> I have the emerging-p2p.rules loaded and set to Drop, but nothing gets
> detected, not by protocol or DHT detection.
What rules do you think should trigger and do you have some .pcap to
share? Maybe the rules just don't fit your traffic.
> Any ideas on that? I'm using Suricata 3.1
>
> Regards,
> Steve
--
Andreas Herz