Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Rules for detecting IEC61850 GOOSE messages

From: Muhammad Talha Abdul Rashid <uchiha.lat () gmail com>
Date: Mon, 15 Dec 2014 12:33:52 +0800
Hi there, is it possible for Snort IDS to detect an attacks that exploited
from IEC61850 GOOSE message protocol such as GOOSE DoS attack and GOOSE
packet modification attack?

If this is possible how and which part inside Snort IDS that needed to be
modify or implemented a new code in order for the IDS to detect IEC61850
GOOSE-based attack?

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: