[Bro] signature configuration
Sharath SN
shrtsns at gmail.com
Fri Dec 19 03:52:50 PST 2014
hi,
Can anyone suggest me how to add our own signatures. I had tried with below
code place it in policy/framework/signature/ssl_renegotiation.sig
signature ssl_renegotiation {
ip-proto == tcp
dst-port == 443
event "ssl renegotiation"
payload /.*\x14\x03/
}
but signature logs are not getting generated. could you please suggest me
what I'm doing wrong with this. dont mind if it is silly q'n.. I'm new this
bro..
Thanks for ur time,
shrtsns
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141219/92138dc9/attachment.html
More information about the Bro
mailing list