Project

General

Profile

Actions

Feature #2021

closed

doc: sha256 filesum extraction missing in documentation

Added by erik clark over 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
low
Difficulty:
low
Label:
Beginner, Outreachy

Description

The following is missing from redmine documentation:

...
The routine is the same -
alert http any any -> any any (msg:"Black list checksum match and
extract SHA256"; filesha256:fileextraction-chksum.list; filestore;
sid:666; rev:1;)
and then the file - fileextraction-chksum.list in your rules directory
will contain the sha256 sums
...

Actions #1

Updated by Victor Julien over 7 years ago

  • Tracker changed from Support to Feature
  • Subject changed from sha256 filesum extraction missing in documentation to doc: sha256 filesum extraction missing in documentation
  • Assignee set to OISF Dev
  • Target version set to Documentation
Actions #2

Updated by Victor Julien over 5 years ago

  • Assignee changed from OISF Dev to Community Ticket
  • Target version changed from Documentation to TBD
  • Effort set to low
  • Difficulty set to low
  • Label Beginner, Outreachy added
Actions #3

Updated by Andreas Herz over 5 years ago

  • Status changed from New to Closed
Actions #4

Updated by Victor Julien about 3 years ago

  • Related to Task #4772: tracking: parity between fields logged and fields available for detection added
Actions #5

Updated by Victor Julien about 3 years ago

  • Related to deleted (Task #4772: tracking: parity between fields logged and fields available for detection)
Actions

Also available in: Atom PDF