Snort mailing list archives
Re: F5 BIG-IP
From: Y M <snort () outlook com>
Date: Fri, 10 Feb 2017 22:56:23 +0000
This FAQ provides good information about Shared Object Rule: https://www.snort.org/faq/shared-object-rules YM ________________________________ From: eternity336 () gmail com <eternity336 () gmail com> on behalf of Joshua Ochsankehl <joshua.ochsankehl () gmail com> Sent: Saturday, February 11, 2017 1:50:47 AM To: Y M Cc: snort-sigs () lists sourceforge net Subject: Re: [Snort-sigs] F5 BIG-IP Does that mean there is a plugin or process outside of the snort rule inspecting the traffic? On Fri, Feb 10, 2017 at 4:39 PM, Y M <snort () outlook com<mailto:snort () outlook com>> wrote: This is a gid:3 signature; a shared object rule. The detection part of a is a compiled object. What you see is the signature stub. YM ________________________________ From: Joshua Ochsankehl <joshua.ochsankehl () gmail com<mailto:joshua.ochsankehl () gmail com>> Sent: Saturday, February 11, 2017 1:31:26 AM To: snort-sigs () lists sourceforge net<mailto:snort-sigs () lists sourceforge net> Subject: [Snort-sigs] F5 BIG-IP Snort talos rules 41547-8 don't contain any content and only have commands within metadata. What is it actually doing? V/R, Joshua "Ox" Ochsankehl ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net> https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort! Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort! Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- F5 BIG-IP Joshua Ochsankehl (Feb 10)
- Re: F5 BIG-IP Alex McDonnell (Feb 10)
- Re: F5 BIG-IP Y M (Feb 10)
- Re: F5 BIG-IP Joshua Ochsankehl (Feb 10)
- Re: F5 BIG-IP Y M (Feb 10)
- Re: F5 BIG-IP Joshua Ox (Feb 10)
- Re: F5 BIG-IP Geoffrey Serrao (Feb 10)
- Re: F5 BIG-IP Joshua Ochsankehl (Feb 10)