[Oisf-users] suricata and ClamAV

Srinivasreddy R srinivasreddy4390 at gmail.com
Wed Jul 12 18:38:27 UTC 2017


Yes, I am running Suricata and executing wget
http://old.honeynet.org/scans/scan19/scan19.tar.gz .
The tar file has been downloaded to the Suricata file-store. Once I extract it,
I get that pcap file.
My expectation is that Suricata calculates the md5 hash of the file and matches
it against the md5 hash DB.

thanks
srinivas


On Thu, Jul 13, 2017 at 12:00 AM, Cooper F. Nelson <cnelson at ucsd.edu> wrote:

> That is a pcap file, not an extracted file.
>
> -Coop
>
> On 7/12/2017 11:26 AM, Srinivasreddy R wrote:
>
> I am able to see some results.
> The md5 hash I am searching for is: 38e85119953076c904fd2105dfcb6cdb
>
>
> thanks
> srinivas
>
> On Wed, Jul 12, 2017 at 11:43 PM, Cooper F. Nelson <cnelson at ucsd.edu>
> wrote:
>
>> What happens if you search for the hash here?
>>
>> > https://www.virustotal.com/en/#search
>>
>> -Coop
>
>
> --
> Cooper Nelson
> Network Security Analyst
> UCSD ACT Security Team
> cnelson at ucsd.edu x41042
>
>
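
Added example, not part of the original thread: a hash-list lookup run over a file as it was transferred compared with the same lookup run over what is inside it, assuming the hash is computed over the downloaded tar.gz and the list holds one MD5 per line. The archive, the member name sample.pcap and all function names are constructed for illustration.

```python
import hashlib
import io
import tarfile

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def build_tar_gz(member_name: str, payload: bytes) -> bytes:
    """Build a small tar.gz in memory (stand-in for the downloaded archive)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo(name=member_name)
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()

def member_hashes(archive: bytes) -> dict:
    """MD5 of every regular file inside the archive, keyed by member name."""
    out = {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for m in tar.getmembers():
            if m.isfile():
                out[m.name] = md5_hex(tar.extractfile(m).read())
    return out

def load_md5_list(text: str) -> set:
    """Parse a list with one MD5 per line (assumed format); skip other lines."""
    hashes = set()
    for line in text.splitlines():
        fields = line.split()
        if fields and len(fields[0]) == 32:
            hashes.add(fields[0].lower())
    return hashes

def check(archive: bytes, md5_list: set) -> dict:
    """Look up the transferred file's hash and each inner member's hash."""
    transferred = md5_hex(archive)
    members = {n: h in md5_list for n, h in member_hashes(archive).items()}
    return {"transferred_in_list": transferred in md5_list, "members_in_list": members}

# Constructed sample data: payload bytes and hash lists are made up for this example.
PAYLOAD = b"constructed stand-in for the capture inside the tarball\n"
ARCHIVE = build_tar_gz("sample.pcap", PAYLOAD)
INNER_ONLY = load_md5_list(md5_hex(PAYLOAD) + "\n")
BOTH = load_md5_list(md5_hex(PAYLOAD) + "\n" + md5_hex(ARCHIVE) + "  sample.tar.gz\n")

if __name__ == "__main__":
    for name, hashes in (("inner hash only", INNER_ONLY), ("both hashes", BOTH)):
        print(name, check(ARCHIVE, hashes))
```

With only the inner file's hash in the list, the lookup on the transferred archive misses even though the extracted member matches.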