curben
/
phishing-filter
mirror of https://gitlab.com/malware-filter/phishing-filter
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: unique sid 

- resolve conflict with urlhaus-filter
This commit is contained in:
MDLeom 2021-03-20 00:56:59 +00:00
parent fc9a18f10f
commit 153970064d
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/script.sh
View File

@ -231,7 +231,7 @@ rm -f "../dist/phishing-filter-snort2.rules" \
"../dist/phishing-filter-snort3.rules" \
"../dist/phishing-filter-suricata.rules"
SID="100000001"
SID="200000001"
while read DOMAIN; do
SN_RULE="alert tcp \$HOME_NET any -> \$EXTERNAL_NET [80,443] (msg:\"phishing-filter phishing website detected\"; flow:established,from_client; content:\"GET\"; http_method; content:\"$DOMAIN\"; content:\"Host\"; http_header; classtype:attempted-recon; sid:$SID; rev:1;)"