[Oisf-users] Malware detection through Mail how?

Jay M. jskier at gmail.com
Fri May 8 13:59:03 UTC 2015


You would need to sniff and often decrypt traffic somewhere between
the Internet and your mail gate. Encryption usually hinders this
process, and if you have a tap in place already, this is probably why
you aren't seeing anything. Ideally your mail gate would have AV and a
plethora of filter options to address e-mail malware.

--
Jay
jskier at gmail.com


On Fri, May 8, 2015 at 8:11 AM, Nick de Bruijn <nick_hyves at hotmail.com> wrote:
> Hello all,
>
> I can't figure out how I could use Suricata to detect malware.
>
> I want Suricata to detect malware sent in email attachments.
>
> Could someone explain to me how I can do this?
>
> Now when I send myself an EICAR file, Suricata doesn't recognize it.
>
> I would very much appreciate the help!
>
> Kind regards,
> Nick
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
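Added example, not from either mail above and not part of Suricata's own rulesets: two local rules that match the EICAR test string in an SMTP attachment, the way Nick's test would need to be caught on a sensor that sees the mail session in cleartext (as Jay notes, STARTTLS or webmail over HTTPS hides it). The sid values are constructed placeholders in the local range; the first rule assumes the SMTP MIME decoder is enabled in suricata.yaml (app-layer.protocols.smtp.mime with decode-mime and decode-base64 set to yes) and that file-store output is enabled if you keep the filestore keyword.

```suricata
# Rule 1: match the decoded attachment. With decode-mime/decode-base64 enabled,
# file_data on the smtp protocol carries the base64-decoded attachment bytes,
# not the raw MIME text. The backslash in the EICAR string is written as \\
# because a single backslash is an escape character in rule content.
alert smtp any any -> any any (msg:"LOCAL EICAR test file in mail attachment (decoded)"; flow:to_server,established; file_data; content:"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"; filestore; classtype:misc-activity; sid:1000001; rev:1;)

# Rule 2: fallback for sensors with MIME decoding off. A base64 attachment body
# starts on a fresh line (byte offset 0), so the test file always encodes to the
# same text; mail clients wrap base64 at 76 characters, so only the first 48
# characters (the first 36 bytes, "X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-ST") are
# matched to stay inside one line. Plain SMTP on tcp/25 only.
alert tcp any any -> any 25 (msg:"LOCAL EICAR test file in mail attachment (base64)"; flow:to_server,established; content:"WDVPIVAlQEFQWzRcUFpYNTQoUF4pN0NDKTd9JEVJQ0FSLVNU"; classtype:misc-activity; sid:1000002; rev:1;)
```

Load the file with -S local.rules (or add it to rule-files in suricata.yaml) and run suricata -T against the config to confirm both signatures parse before sending the test mail again.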
