Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
732
Views
0
Helpful
2
Replies

Custom Sigs for APT Detection

damonrouse
Level 1
Level 1

‎02-21-2013 02:45 PM - edited ‎03-10-2019 05:54 AM

Hi

I'm totally new to writing any kind of custom signature, but was wondering if anyone has written any for APT detection?  Specifically I'm looking at creating sigs for certain TCP packet info containing HTML and mime type info.  Please let me know if this is possible.

Thanks

Damon

Labels:
0 Helpful
2 Replies 2

damonrouse
Level 1
Level 1

‎02-22-2013 01:00 PM

FYI...I opened a TAC case just now.

0 Helpful

nearchib
Level 1
Level 1

‎02-25-2013 04:23 AM

Hi Damon,

What you described definitly sounds possible.

You will need to be more specific though if you want help with that issue.

Regards

Neil Archibald

IPS Signature Team

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card