[Oisf-users] (no subject)

Cooper F. Nelson cnelson at ucsd.edu
Mon Jun 17 18:25:56 UTC 2013


See the oinkmaster.conf file for lots of examples, like this:

> # Example to make SID 1378 a 'drop' rule (valid if you're running
> # Snort_inline).
> # modifysid 1378 "^alert" | "drop"

On 6/16/2013 4:03 AM, mouna amani wrote:
> I am using a framework to perform evasion techniques: TCP evasion
> techniques, HTTP evasion techniques, IPv4 evasion techniques.
> How do I make only these rules drop using modifysid of oinkmaster?
> Help me please, I am stuck.
> Any advice or link that can be helpful.


-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
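
As an added illustration (not part of the original message and not Oinkmaster's own code), this Python sketch previews what a modifysid line like the one quoted above would do to a rule file before the real configuration is changed. The rule text and every SID other than 1378 are constructed, the comma-separated SID list is an assumption of the sketch, and Python's `re` stands in for Oinkmaster's Perl regexes.

```python
import re

# Constructed sample rules (not real signatures). SID 1378 is the one in the
# quoted oinkmaster.conf example; the other SIDs are made up.
SAMPLE_RULES = """\
alert tcp any any -> any 21 (msg:"constructed rule A"; sid:1378; rev:1;)
alert tcp any any -> any 80 (msg:"constructed rule B"; sid:1000001; rev:1;)
# alert tcp any any -> any 80 (msg:"constructed, disabled"; sid:1000002; rev:1;)
alert ip any any -> any any (msg:"constructed rule C"; sid:1000003; rev:2;)
"""

SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
MODIFY_RE = re.compile(r'\s*modifysid\s+([\d,\s]+?)\s+"(.*)"\s*\|\s*"(.*)"\s*$')


def parse_modifysid(line):
    """Split 'modifysid SID[,SID...] "regex" | "replacement"' into its parts."""
    m = MODIFY_RE.match(line)
    if not m:
        raise ValueError("not a modifysid line: %r" % line)
    sids = {int(s) for s in m.group(1).split(",") if s.strip()}
    return sids, re.compile(m.group(2)), m.group(3)


def preview(rules_text, modifysid_line):
    """Return (new_text, changed_sids, untouched_sids); no file is written."""
    sids, pattern, repl = parse_modifysid(modifysid_line)
    out, changed = [], []
    for rule in rules_text.splitlines():
        m = SID_RE.search(rule)
        if m and int(m.group(1)) in sids:
            # "^alert" is anchored, so a commented-out rule ("# alert ...")
            # does not match and stays as it is in this sketch.
            new = pattern.sub(repl, rule, count=1)
            if new != rule:
                changed.append(int(m.group(1)))
            rule = new
        out.append(rule)
    # Listed SIDs that were absent or did not match deserve a second look.
    return "\n".join(out) + "\n", changed, sorted(sids - set(changed))


if __name__ == "__main__":
    text, changed, untouched = preview(
        SAMPLE_RULES, 'modifysid 1378, 1000002, 1000003, 9999999 "^alert" | "drop"')
    print(text, "changed:", changed, "untouched:", untouched)
```

The untouched list is the part worth checking before relying on the change inline: a SID that is missing from the rule file or whose rule is disabled will not end up dropping anything.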