[Oisf-users] Suricata 1.4 simple alert rule, first visit to website not triggering an alert

Eoin Miller eoin.miller at trojanedbinaries.com
Thu Jan 10 20:34:24 UTC 2013

Previous message (by thread): [Oisf-users] Suricata 1.4 simple alert rule, first visit to website not triggering an alert
Next message (by thread): [Oisf-users] Suricata 1.4 simple alert rule, first visit to website not triggering an alert
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/10/2013 19:57, Vincent Fang wrote:
> 
> alert http any any -> 207.86.164.0/24 <http://207.86.164.0/24> any (msg:
> "visiting businessweek")

Maybe try alert tcp instead of alert http.

-- Eoin

Previous message (by thread): [Oisf-users] Suricata 1.4 simple alert rule, first visit to website not triggering an alert
Next message (by thread): [Oisf-users] Suricata 1.4 simple alert rule, first visit to website not triggering an alert
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Oisf-users mailing list