[Oisf-users] Large list of domains in Suricata?
mikael vingaard
mikaelvingaard at gmail.com
Tue Mar 11 13:22:40 UTC 2014
Hello oisf-users,
This is my first posting on this list. I have looked in the FAQ/Google but can't find what I am looking for; please point me in the right direction if my question is already documented somewhere.
I would like to use a large list of domains (100+) to block/alert in Suricata.
Using a rule with {domain1,domain2,domain3} would be too cumbersome, but I have found a method of blocking MD5 sums (source: http://blog.inliniac.net/2012/06/09/suricata-md5-blacklisting/), almost similar to what I would like to achieve with domains.
Could someone assist me in writing a similar rule with domains?
Many thanks in advance for any feedback/input.
Mikael