https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162090#M54044 <P>Hi</P><P></P><P>I'm totally new to writing any kind of custom signature, but was wondering if anyone has written any for APT detection?&nbsp; Specifically I'm looking at creating sigs for certain TCP packet info containing HTML and mime type info.&nbsp; Please let me know if this is possible.</P><P></P><P>Thanks</P><P>Damon</P> Sun, 10 Mar 2019 12:54:24 GMT damonrouse 2019-03-10T12:54:24Z https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162090#M54044 <P>Hi</P><P></P><P>I'm totally new to writing any kind of custom signature, but was wondering if anyone has written any for APT detection?&nbsp; Specifically I'm looking at creating sigs for certain TCP packet info containing HTML and mime type info.&nbsp; Please let me know if this is possible.</P><P></P><P>Thanks</P><P>Damon</P> Sun, 10 Mar 2019 12:54:24 GMT https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162090#M54044 damonrouse 2019-03-10T12:54:24Z https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162091#M54045 <HTML><HEAD></HEAD><BODY><P>FYI...I opened a TAC case just now.</P></BODY></HTML> Fri, 22 Feb 2013 21:00:55 GMT https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162091#M54045 damonrouse 2013-02-22T21:00:55Z https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162092#M54046 <HTML><HEAD></HEAD><BODY><P>Hi Damon,</P><P></P><P>What you described definitly sounds possible.</P><P></P><P>You will need to be more specific though if you want help with that issue.</P><P></P><P>Regards</P><P></P><P>Neil Archibald</P><P>IPS Signature Team</P></BODY></HTML> Mon, 25 Feb 2013 12:23:11 GMT https://community.cisco.com/t5/network-security/custom-sigs-for-apt-detection/m-p/2162092#M54046 nearchib 2013-02-25T12:23:11Z