Feature #2785: rules index update - add JA3 / SSL IP sources - Suricata-Update - Open Information Security Foundation

Actions

Feature #2785

open

rules index update - add JA3 / SSL IP sources

Added by Peter Manev almost 6 years ago. Updated over 5 years ago.

Status:

New

Priority:

Normal

Assignee:

Target version:

-

Effort:

Difficulty:

Label:

Description

The following public sets are also available form https://sslbl.abuse.ch/blacklist/ for Suricata 4.1.0+ :

JA3:
https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules

SSLIP
https://sslbl.abuse.ch/blacklist/sslipblacklist.rules

Maybe we can consider adding those to - https://www.openinfosecfoundation.org/rules/index.yaml

Actions

Also available in: Atom PDF