From: Jack Mott Date: Mon, 19 Aug 2019 19:36:30 +0000 (-0600) Subject: classification: add command-and-control classtype X-Git-Tag: suricata-5.0.0-rc1~48 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=adcd7ce0ffd05d05030d7380c66055e26fa4d3e1;p=thirdparty%2Fsuricata.git classification: add command-and-control classtype Added new classtype 'command-and-control' to be used with more general TROJAN/MALWARE categories to designate traffic between infected machine and c2 server. --- diff --git a/classification.config b/classification.config index 228737eaa3..d2fa5dcef8 100644 --- a/classification.config +++ b/classification.config @@ -75,3 +75,4 @@ config classification: pup-activity,Possibly Unwanted Program Detected,2 config classification: credential-theft,Successful Credential Theft Detected,1 config classification: social-engineering,Possible Social Engineering Attempted,2 config classification: coin-mining,Crypto Currency Mining Activity Detected,2 +config classification: command-and-control,Malware Command and Control Activity Detected,1
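Review bot: The added `command-and-control` line at the end of the `classification.config` hunk carries priority 1 with nothing in the file explaining the intended scope. The commit message says the classtype is meant for the more general TROJAN/MALWARE categories, to mark traffic between an infected machine and its C2 server, but that guidance exists only in the commit message. Of the entries visible in this hunk, only `credential-theft` shares priority 1, and its description is qualified with "Successful"; `pup-activity`, `social-engineering` and `coin-mining` are all at 2. Because every rule that adopts this classtype will alert at the top priority by default, consider adding a short comment above the entry, or a note in the rule-writing documentation, stating that it is for confirmed infected-host-to-C2 traffic, so that rule writers do not apply it to lower-confidence signatures and inflate the priority 1 queue.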