[Oisf-users] Endpoints outside of the US (Albert E. Whale, CEH CHS CISA CISSP)

Jag Mander jag at thecybersecurityexpert.com
Thu Jan 24 15:48:13 UTC 2019

As Coop explained cloud computing means your traffic could head to lots of
different countries.

I wondered if the Server Name Indication SNI field was present in the
traffic and does that help identify what the traffic is related to i.e.
onedrive, dropbox etc.


I can't tell you how this would work specifically in Suricata because we
use a different method to pull out SNI fields on SSL/TLS traffic.  Regards

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190124/a74f5889/attachment.html>

More information about the Oisf-users mailing list