Github Twitter YouTube

Lost in Security (and mostly everything else)

 
Skip to content
  • About me
  • My GitHub Repos
  • Packet Analysis
  • SecurityOnion
  • Challenges
Home Page

Security Onion and Elsa issues

Herbie Zimmerman November 6, 2014 January 25, 2015SecurityOnion NSM, SecurityOnion 0

So the other day while reviewing alerts in Squert I noticed a lot of alerts triggering for ‘ET POLICY SSLv3 outbound connection from client vulnerable to POODLE attack.’ The rule for this is: alert tcp $EXTERNAL_NET [443,465,993,995,25] -> $HOME_NET any (msg:”ET POLICY SSLv3 outbound connection from client vulnerable to POODLE…

Continue reading

«‹91011
Powered by Nirvana & WordPress.