[Oisf-users] [FORGED] Re: List of protection against attacks

Russell Fulton r.fulton at auckland.ac.nz
Wed Oct 26 22:01:32 UTC 2016


> On 27 Oct 2016, at 10:16, Andreas Herz <andi at geekosphere.org> wrote:
> 
> On 25/10/16 at 14:54, Vishal Kotalwar wrote:
>> Hi All,
>> 
>>    I know that suricata can detect various botnets, malwares and even DDoS
>> attack. But do we have a comprehensive list which lists all attacks, which
>> suricata can protect. And also whether ET rules support is required or not
>> for those attacks prevention.
> 
> This highly depends on the ruleset you're using. You are not bound to ET
> rules but they are with the best support. There you have different
> categories and classification. From that you can create such a list.

Furthermore, many of the detect rules are fairly generic in scope and apply to several different scenarios. In essence there really is no answer to this question.

Russell
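
Added example, not part of the original thread or of the Suricata project: one way to build the per-category list Andreas describes by tallying the `msg` category and `classtype` of each rule in a rules file. The sample rules and SIDs are constructed, and the "ET <CATEGORY> ..." message prefix convention is an assumption about how the ruleset names its rules.

```python
import re
from collections import Counter

# Constructed sample rules in Suricata syntax (not taken from any real ruleset).
SAMPLE_RULES = r'''
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Example checkin"; content:"/gate.php"; classtype:trojan-activity; sid:9000001; rev:1;)
alert dns $HOME_NET any -> any any (msg:"ET MALWARE Example DNS lookup"; classtype:trojan-activity; sid:9000002; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"ET SCAN Example SSH sweep"; classtype:attempted-recon; sid:9000003; rev:2;)
#alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DOS Example amplification\; variant"; classtype:attempted-dos; sid:9000004; rev:1;)
alert ip any any -> any any (msg:"LOCAL generic anomaly"; sid:9000005; rev:1;)
# a plain comment line, not a rule
'''

# Optional leading '#' marks a disabled rule; the header contains no parentheses.
RULE_RE = re.compile(r'^(#\s*)?(alert|drop|reject|pass)\s+\S+\s[^(]*\((.*)\)\s*$')
MSG_RE = re.compile(r'msg\s*:\s*"((?:\\.|[^"\\])*)"')  # tolerates \; and \" in msg
CLASSTYPE_RE = re.compile(r'classtype\s*:\s*([^;\s]+)\s*;')
SID_RE = re.compile(r'sid\s*:\s*(\d+)\s*;')

def parse_rule(line):
    """Return a dict for a rule line, or None for blanks and plain comments."""
    m = RULE_RE.match(line.strip())
    if not m:
        return None
    opts = m.group(3)
    msg = MSG_RE.search(opts)
    text = msg.group(1) if msg else ""
    # Drop the msg option so keywords inside the message text are not matched.
    rest = opts.replace(msg.group(0), "") if msg else opts
    ctype = CLASSTYPE_RE.search(rest)
    sid = SID_RE.search(rest)
    words = text.split()
    # Assumption: ET messages read "ET <CATEGORY> ..."; others use their first word.
    is_et = len(words) > 1 and words[0] == "ET"
    category = words[1] if is_et else (words[0] if words else "UNKNOWN")
    return {"enabled": m.group(1) is None, "action": m.group(2), "category": category,
            "classtype": ctype.group(1) if ctype else "unclassified",
            "sid": int(sid.group(1)) if sid else None}

def coverage(rules_text):
    """Count rules per (category, classtype), split into enabled and disabled."""
    enabled, disabled = Counter(), Counter()
    for line in rules_text.splitlines():
        rule = parse_rule(line)
        if rule:
            (enabled if rule["enabled"] else disabled)[(rule["category"], rule["classtype"])] += 1
    return enabled, disabled

if __name__ == "__main__":
    on, off = coverage(SAMPLE_RULES)
    for (cat, ctype), n in sorted(on.items()):
        print(f"{cat:10} {ctype:20} enabled={n} disabled={off.get((cat, ctype), 0)}")
```

The result is a list of rule categories in the loaded ruleset, not a list of attacks: a single generic rule can fire in several scenarios, so the counts describe rule coverage only.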

