Snort mailing list archives
Rules for detecting IEC61850 GOOSE messages
From: Muhammad Talha Abdul Rashid <uchiha.lat () gmail com>
Date: Mon, 15 Dec 2014 12:33:52 +0800
Hi there, is it possible for Snort IDS to detect an attacks that exploited from IEC61850 GOOSE message protocol such as GOOSE DoS attack and GOOSE packet modification attack? If this is possible how and which part inside Snort IDS that needed to be modify or implemented a new code in order for the IDS to detect IEC61850 GOOSE-based attack?
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Rules for detecting IEC61850 GOOSE messages Muhammad Talha Abdul Rashid (Dec 14)
- Fwd: Rules for detecting IEC61850 GOOSE messages Muhammad Talha Abdul Rashid (Dec 14)