Snort mailing list archives
Re: Custom signature question
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Thu, 9 Oct 2014 12:17:16 +0000
Yes, it is possible to do that with Snort. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Oct 8, 2014, at 3:43 PM, Jeronimo L. Cabral <jelocabral () gmail com<mailto:jelocabral () gmail com>> wrote: Dear, I'm using a Cisco IPS from my ASA firewall but I can't make the following signature rule: "Block traffic from Internet to destination IP x.x.x.x from my DMZ matching the HTTP Host Header "www.company.com<http://www.company.com/>" Is it possible to make it with Snort ??? Thanks a lot, JeLo ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Custom signature question Jeronimo L. Cabral (Oct 08)
- Re: Custom signature question Joel Esler (jesler) (Oct 09)