From: Jason Ish <jish@oisf.net>
Date: Wed, 8 May 2024 23:14:08 +0000 (-0600)
Subject: sslbl/ja3-fingerprints: use .tar.gz URL
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e63df8348c31aeceec720d7c41f077864de6fd9d;p=thirdparty%2Fsuricata-intel-index.git

sslbl/ja3-fingerprints: use .tar.gz URL

Saves a bit of bandwidth.
---

diff --git a/index.yaml b/index.yaml
index 9f7ed07..ef05906 100644
--- a/index.yaml
+++ b/index.yaml
@@ -99,7 +99,7 @@ sources:
       If you are running Suricata, you can use the SSLBL's Suricata JA3 FingerprintRuleset to detect and/or block malicious SSL connections in your network based on the JA3 fingerprint. Please note that your need Suricata 4.1.0 or newer in order to use the JA3 fingerprint ruleset.
     vendor: Abuse.ch
     license: CC0-1.0
-    url: https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules
+    url: https://sslbl.abuse.ch/blacklist/ja3_fingerprints.tar.gz
     min-version: 4.1.0
     checksum: false