I need to understand how to configure and use correlation rules in Sourcefire. I would appreciate it if anybody could share sample correlation rules / correlation use cases and the steps to configure the same.
I need TLS negotiation logs for specific email communication. I checked the "mail_log" file, but I could see only a single line for TLS communication (ICID XXXX TLS success protocol TLSv1 cipher DHE-RSA-AES256-SHA). I want detailed negotiation logs to ch...
Please help me to understand this alert from IronPort ESA. The warning message is: Invalid SimpleFilter: Block_Pornography rule: <filters.URL_Category_Rule instance at 0x94a8a758>('egg/filters.py _walk_parts|3040', "<type 'exceptions.AttributeError'>",...
With the (attachment-filename) filter, it checks the entire file name instead of the extension, which created lots of false positives. E.g.: I have added "hlp" in the above filter, but it is also blocking the Word file "M09 hlp.doc" as the file name contains the hlp keyword. Any solu...