[Oisf-users] Detecting Non SSL traffic over TCP 443
Özkan KIRIK
ozkan.kirik at gmail.com
Wed Nov 26 18:27:03 UTC 2014
Hi,
I need a rule that detects Non SSL traffic over TCP 443 Port.
I tried this rule, but it matches both SSL and Non SSL traffic.
alert tcp any any -> any 443 (msg: "Non TLS / SSL traffic ";
app-layer-protocol:!tls;)
What is wrong with this rule?
Best Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20141126/d140b417/attachment.html>
More information about the Oisf-users
mailing list