
List:       snort-sigs
Subject:    [Snort-sigs] Inquiry about configuration file
From:       Mohamed Sayed <mohamed.sayed () invictux ! com>
Date:       2024-03-17 19:11:26
Message-ID: MA0P287MB0878142E62705671E2E5F3A4942E2 () MA0P287MB0878 ! INDP287 ! PROD ! OUTLOOK ! COM


Hi snort Team,

I hope you are doing well.
Kindly, could anyone help me with where I can put these two lines in the configuration file, step by step, and, if I downloaded the subscription rules, how I can add these two lines to show the CVE number when running Snort 3 over a PCAP? These are the lines:
search_engine.detect_raw_tcp = true
alerts.log_references = true

Best Regards,




Mohamed Sayed
OT/ICS Cybersecurity Engineer
OT/ICS Services | Invictux
Your Security Is Our Responsibility
+2 01119588936
Mohamed.Sayed@Invictux.com
www.Invictux.com
Ashgar Darna Compound, Ring Rd, El-Basatin, Cairo.


