Feature #2021
closed
doc: sha256 filesum extraction missing in documentation
Added by erik clark over 7 years ago.
Updated over 5 years ago.
Label:
Beginner, Outreachy
Description
The following is missing from redmine documentation:
...
The routine is the same -
alert http any any -> any any (msg:"Black list checksum match and
extract SHA256"; filesha256:fileextraction-chksum.list; filestore;
sid:666; rev:1;)
and then the file - fileextraction-chksum.list in your rules directory
will contain the sha256 sums
...
- Tracker changed from Support to Feature
- Subject changed from sha256 filesum extraction missing in documentation to doc: sha256 filesum extraction missing in documentation
- Assignee set to OISF Dev
- Target version set to Documentation
- Assignee changed from OISF Dev to Community Ticket
- Target version changed from Documentation to TBD
- Effort set to low
- Difficulty set to low
- Label Beginner, Outreachy added
- Status changed from New to Closed
- Related to Task #4772: tracking: parity between fields logged and fields available for detection added
- Related to deleted (Task #4772: tracking: parity between fields logged and fields available for detection)
Also available in: Atom
PDF