02-21-2013 02:45 PM - edited 03-10-2019 05:54 AM
Hi
I'm totally new to writing any kind of custom signature, but was wondering if anyone has written any for APT detection? Specifically I'm looking at creating sigs for certain TCP packet info containing HTML and mime type info. Please let me know if this is possible.
Thanks
Damon
02-22-2013 01:00 PM
FYI...I opened a TAC case just now.
02-25-2013 04:23 AM
Hi Damon,
What you described definitly sounds possible.
You will need to be more specific though if you want help with that issue.
Regards
Neil Archibald
IPS Signature Team
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide