]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 798d874)
classification: add command-and-control classtype
authorJack Mott <jack@malwarefor.me>
Mon, 19 Aug 2019 19:36:30 +0000 (13:36 -0600)
committerVictor Julien <victor@inliniac.net>
Mon, 16 Sep 2019 09:38:38 +0000 (11:38 +0200)
Added new classtype 'command-and-control' to be used with more
general TROJAN/MALWARE categories to designate traffic between
infected machine and c2 server.

classification.config patch | blob | blame | history

diff --git a/classification.config b/classification.config
index 228737eaa355955563af62a242702c7849c803d2..d2fa5dcef83070045c3d1c630bb54cecb5d79193 100644 (file)
--- a/classification.config
+++ b/classification.config
@@ -75,3 +75,4 @@ config classification: pup-activity,Possibly Unwanted Program Detected,2
 config classification: credential-theft,Successful Credential Theft Detected,1
 config classification: social-engineering,Possible Social Engineering Attempted,2
 config classification: coin-mining,Crypto Currency Mining Activity Detected,2
+config classification: command-and-control,Malware Command and Control Activity Detected,1
Mirror of https://github.com/OISF/suricata.git