Commit graph

5 commits

Author: Andrea De Pasquale
SHA1: 620a909657
Message: Suricata: improve setup/config for ETPRO ruleset
    PROBLEM (see #487)
    - ET rule files start with the "emerging-*" prefix;
    - ETPRO rule files do not start with that prefix.

    SOLUTION
    Concatenate all rule files, with the exception of "*disabled.rules",
    into a single rule file at "/etc/suricata/rules/tpotce.rules"

    I have left as-is the "sed" command that enables all commented-out
    rules. Since that is usually done for performance reasons, maybe it
    could be turned into a configuration option like the OINKCODE.

    Another thing worth considering is to use "suricata-update" instead:
    https://suricata-update.readthedocs.io/en/latest/quickstart.html
Date: 2020-11-25 15:27:01 +01:00

Author: t3chn0m4g3
SHA1: 78135df9e7
Message: Bump Suricata to 5.0.0
Date: 2019-10-22 15:20:23 +00:00

Author: t3chn0m4g3
SHA1: c7e9015a5a
Message: Bump Suricata to 4.1.3
    Build with Rust
    Enable JA3
    Enable more protocols
    Improve payload logging
    ... and more.
Date: 2019-03-26 16:26:47 +00:00

Author: listbot
SHA1: 6467a03d19
Message: fix suricata ref location
Date: 2019-02-28 20:59:20 +00:00

Author: Marco Ochse
SHA1: 0d5d80b1e3
Message: include docker repos
    ... skip emobility since it is a dev repo
Date: 2017-10-13 18:58:14 +00:00