[Oisf-users] Detecting Non SSL traffic over TCP 443

Özkan KIRIK ozkan.kirik at gmail.com
Wed Nov 26 18:27:03 UTC 2014


I need a rule that detects Non SSL traffic over TCP 443 Port.

I tried this rule, but it matches both SSL and Non SSL traffic.
alert tcp any any -> any 443 (msg: "Non TLS / SSL traffic ";

What is wrong with this rule?

Best Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20141126/d140b417/attachment.html>

More information about the Oisf-users mailing list