[Oisf-users] What could be the reason behind this failure?
Blason R
blason16 at gmail.com
Mon Mar 12 03:49:04 UTC 2018
Hi team,
I am trying to load certain sigs/rules but its failing any reason why or
how do I debug it?
12/3/2018 -- 09:14:41 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] -
error parsing signature "drop udp any any -> any 53 (msg: "CleanDNS_Phase1:
Malicious domain xxlvbrloxvriy2c5.onion";
content:"|10|xxlvbrloxvriy2c5|05|onion|00|"; nocase; reference:url,
app.threatconnect.com/auth/indicators/details/host.xhtml?host=xxlvbrloxvriy2c5.onion;
sid:5700006; rev:1;)" from file /etc/suricata/rules/dnstunnel.rules at line
9
12/3/2018 -- 09:14:41 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] -
Loading signatures failed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180312/8ea2692d/attachment.html>
More information about the Oisf-users
mailing list