[Bro] Question on file hashes and cymru db
Doug Burks
doug.burks at gmail.com
Fri Aug 15 03:07:50 PDT 2014
On Thu, Aug 14, 2014 at 9:26 PM, Dave DeChellis <dave at dechellis.com> wrote:
> In the
> event there are no matches, could someone point me to some sample pcap files
> so I can test my scripts?
Hi Dave,
The following pcap generates a TeamCymruMalwareHashRegistry::Match for me:
https://github.com/markofu/workshop/blob/master/samples/pcaps/netforensics_evidence05.pcap
--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com