[Oisf-users] [Suricata with Cuckoo Question]

09 oualid.makhloufi at gmail.com
Thu Apr 5 21:10:52 UTC 2018


Hi all,

I want to use Suricata to extract HTTP files in real time when my internal
users are downloading these files from the internet, and then pass these files
to Cuckoo sandbox to analyze them.

I know how to extract files and how to pass them to my sandbox, but the
question is how to do that in real time: for example, apply some QoS on the
internal interface to delay the download while Cuckoo is analyzing the file
(which can take up to 1 minute or more), and if there is something in the
file, I want to stop the download and drop the packets to finish the
session.

Could anyone help me with this, please?

Thank you for your help,

Best regards,
Oualid