Configuring Suricata to alert on Malicious files

IDSTower · July 22, 2022, 3:42pm

Learn how to configure Suricata IDS to alert on malicious files hashes in our latest blog post.

IDSTower has this feature (&more) configured out-of-the-box, moreover, it will download hashes IOCs from from free/commercial feeds and will push those indicators to Suricata automatically.

Feedback is appreciated!

noob_17 · July 22, 2022, 4:11pm

Will this work against an existing suricata installation?

IDSTower · July 22, 2022, 4:27pm

If you are asking about this feature, then yes, you can configure your current Suricata installation to do the same.

Topic		Replies	Views
Why suricata don't generate filehash for alerts Help	17	1838	September 15, 2023
Why you should use Suricata IDS to alert on IOCs Community Announcements	0	389	July 23, 2021
Notification from Suricata when it detects an attack? Help	2	156	November 28, 2023
Alert on specific filepath? Rules	1	787	December 23, 2020
No alert triggered on Malicious Files Hashes but found different hash value in eve.json Rules rules , suricata	6	283	October 28, 2023

Configuring Suricata to alert on Malicious files

Related Topics