[Oisf-users] Sample script to lookup md5sums against virustotal or others

Cooper F. Nelson cnelson at ucsd.edu
Wed Oct 16 15:35:32 UTC 2013


Is there a way to tell suricata to only log the details of files of
certain types?

On 10/16/2013 4:35 AM, Victor Julien wrote:
> On 10/16/2013 11:33 AM, C. L. Martinez wrote:
>> Hi all,
>>
>>  I would like to lookup files and md5's files downloaded from our
>> workstations with suricata (at first stage, exe, zips and pdf files)
>> against virustotal or others.
>>
>>  Any sample??
> 
> Check the contrib/file_processor directory in the source tar ball.
> 


-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
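An added example, not taken from the thread or from Suricata's contrib/file_processor scripts, that covers both questions raised here: it keeps only exe/zip/pdf records from Suricata's JSON file log by their libmagic string, then looks each unique md5 up once on VirusTotal. Assumed: the JSON-lines record layout shown in the constructed sample, the VirusTotal v2 file/report endpoint, and a placeholder API key.

```python
import json
import urllib.parse
import urllib.request

# Constructed sample of Suricata's JSON file log (one record per line). The field
# names follow the files-json output; hashes, hosts and names are made up.
SAMPLE_LOG = """\
{"timestamp":"2013-10-16T11:33:01","srcip":"10.0.0.5","filename":"/setup.exe","magic":"PE32 executable (GUI) Intel 80386, for MS Windows","md5":"d41d8cd98f00b204e9800998ecf8427e","state":"CLOSED"}
{"timestamp":"2013-10-16T11:33:02","srcip":"10.0.0.5","filename":"/logo.png","magic":"PNG image data, 120 x 40","md5":"0cc175b9c0f1b6a831c399e269772661","state":"CLOSED"}
{"timestamp":"2013-10-16T11:33:03","srcip":"10.0.0.7","filename":"/report.pdf","magic":"PDF document, version 1.4","md5":"900150983cd24fb0d6963f7d28e17f72","state":"CLOSED"}
{"timestamp":"2013-10-16T11:33:04","srcip":"10.0.0.7","filename":"/setup.exe","magic":"PE32 executable (GUI) Intel 80386, for MS Windows","md5":"d41d8cd98f00b204e9800998ecf8427e","state":"CLOSED"}
{"timestamp":"2013-10-16T11:33:05","srcip":"10.0.0.9","filename":"/big.zip","magic":"Zip archive data","md5":"ffffffffffffffffffffffffffffffff","state":"TRUNCATED"}
this line is not JSON and must be skipped
"""

# libmagic prefixes for the types the thread asks about: exe, zip and pdf.
WANTED_MAGIC = ("PE32", "Zip archive", "PDF document")

def select_hashes(log_text, wanted=WANTED_MAGIC):
    """Return {md5: [filenames]} for completely received files of the wanted types."""
    hits = {}
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # a live log can contain partial or corrupt lines
        md5 = rec.get("md5")
        # The md5 is only meaningful once the whole file was seen (state CLOSED).
        if rec.get("state") != "CLOSED" or not md5:
            continue
        if rec.get("magic", "").startswith(wanted):
            hits.setdefault(md5.lower(), []).append(rec.get("filename", "?"))
    return hits

def vt_report(md5, api_key):
    """Query the VirusTotal v2 file/report endpoint for one hash (needs network access)."""
    query = urllib.parse.urlencode({"apikey": api_key, "resource": md5})
    with urllib.request.urlopen("https://www.virustotal.com/vtapi/v2/file/report?" + query) as resp:
        return json.load(resp)

def verdicts(hits, report=vt_report, api_key="PLACEHOLDER_API_KEY"):
    """Look up each unique hash once; {md5: (positives, total)}, None if VT has no report."""
    out = {}
    for md5 in sorted(hits):
        rep = report(md5, api_key)
        out[md5] = (rep["positives"], rep["total"]) if rep.get("response_code") == 1 else None
    return out

if __name__ == "__main__":
    for md5, names in select_hashes(SAMPLE_LOG).items():
        print(md5, sorted(set(names)))
```

The `report` parameter lets you swap in a different lookup service or a cached local copy without touching the log parsing; the four-request-per-minute limit of the public VirusTotal API is the reason hashes are deduplicated first.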