Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adopt digitalbond/Quickdraw ICS rules into Malcolm's suricata instance #460

Open
mmguero opened this issue Apr 18, 2024 · 0 comments
Open

adopt digitalbond/Quickdraw ICS rules into Malcolm's suricata instance #460

mmguero opened this issue Apr 18, 2024 · 0 comments
Labels
enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices suricata
Milestone
v24.06.0

Comments

@mmguero
Copy link
Collaborator

mmguero commented Apr 18, 2024

See:

Tasks:

  • Examine suricata rules and either modify and add to Malcolm under here or adjust build to pull them in via git clone
  • Examine snort rules and convert to suricata, then do the same process as in the previous bullet
  • Examine any new variables that might need to be defined and determine if those need to be defined by the user, or if we can figure them out automatically or what
  • test based on PCAPs provided by those repos
@mmguero mmguero added enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices suricata labels Apr 18, 2024
@mmguero mmguero added this to the z.staging milestone Apr 18, 2024
@mmguero mmguero modified the milestones: z.staging, v24.06.0 May 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices suricata
Projects
Malcolm
Status: Todo (investigate)
Milestone
v24.06.0
Development

No branches or pull requests
1 participant
@mmguero