Use "TGI HUNT" instead of "SURICATA" on some rules.

Question

Use "TGI HUNT" instead of "SURICATA" on some rules.

jasonish opened this issue 4 years ago · comments

Hi Travis,

I got really confused as to where some "SURICATA TLS on unusual port" alerts were coming from and traced them back to this rule set. Any chance you could prefix these with "TGI HUNT" as well?

Thanks.

Travis Green commented 4 years ago

deleted

Travis Green · Answer 1 · Sat Apr 18 2020 02:52:46 GMT+0800 (China Standard Time)

I'll probably just delete them, they exist elsewhere for those that want them.

…

On Fri, Apr 17, 2020 at 12:41 PM Jason Ish ***@***.***> wrote: Hi Travis, I got really confused as to where some "SURICATA TLS on unusual port" alerts were coming from and traced them back to this rule set. Any chance you could prefix these with "TGI HUNT" as well? Thanks. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#4>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AALCHHNLZWPB2CDU5QZNBQTRNCPHFANCNFSM4MK6THVA> .

-- (406) 284-1911 travisgreen.net PGP key <http://travisgreen.net/assets/travis@travisgreen.net.asc> calendly.com/travisgreen