Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Help with a rule

From: Joel Esler <jesler () sourcefire com>
Date: Sat, 19 Jan 2013 11:44:02 -0500
Dear Michael,

Thanks for your email.  I believe you will find what you are looking for here: http://manual.snort.org/node291.html


--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire

On Jan 19, 2013, at 9:45 AM, Michael Bower <mbower2 () gmail com> wrote:


I am needing to  write a rule to look for file downloads of 2 files.  We have found some bytes that the 2 binaries 
have in common.  Is there a way to use these in a rule to alert me on download of the files or anything with the 
similar bytes?



------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122912
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: