[Oisf-users] Discrepancies in Snort and Suricata alerts
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | b56d292f-011e-4e7a-999c-c19ebb8b1407 |
| Fingerprint | 33d1f915cd465b9a |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 25, 2018, midnight |
| Added to db | Jan. 18, 2023, 9:57 p.m. |
| Last updated | Nov. 18, 2024, 4:35 a.m. |
| Headline | [Oisf-users] Discrepancies in Snort and Suricata alerts |
| Title | [Oisf-users] Discrepancies in Snort and Suricata alerts |
| Detected Hints/Tags/Attributes | 31/1/32 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | atomictrivia.ru |
|
| Details | Domain | 1 | setter.nss.udel.edu |
|
| Details | Domain | 1176 | gmail.com |
|
| Details | Domain | 1 | sp-alive-msg.databssint.com |
|
| Details | Domain | 1 | it-security-inc.com |
|
| Details | Domain | 1 | openinfosecfoundation.org |
|
| Details | Domain | 12 | suricata-ids.org |
|
| Details | Domain | 1 | lists.openinfosecfoundation.org |
|
| Details | Domain | 1 | suricon.net |
|
| Details | Domain | 1 | www.daemon-security.com |
|
| Details | File | 1 | atomic.php |
|
| Details | File | 1 | sp-alive-msg.dat |
|
| Details | File | 6 | www.dae |
|
| Details | File | 4 | attachment-0001.html |
|
| Details | md5 | 1 | 34e2350c2ed6a9a9e9d444102ae4dd87 |
|
| Details | IPv4 | 12 | 184.105.192.2 |
|
| Details | IPv4 | 1 | 128.4.73.143 |
|
| Details | IPv4 | 1 | 128.164.63.89 |
|
| Details | IPv4 | 1 | 54.243.209.194 |
|
| Details | IPv4 | 1 | 3.0.50.0 |
|
| Details | Url | 1 | http://atomictrivia.ru |
|
| Details | Url | 1 | http://184.105.192.2:80 |
|
| Details | Url | 1 | https://setter.nss.udel.edu:8443/en-us/app/search/search?q=search |
|
| Details | Url | 1 | http://128.164.63.89:51872 |
|
| Details | Url | 1 | http://54.243.209.194:80 |
|
| Details | Url | 3 | http://suricata-ids.org |
|
| Details | Url | 1 | http://suricata-ids.org/support |
|
| Details | Url | 1 | https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users |
|
| Details | Url | 1 | https://suricon.net |
|
| Details | Url | 1 | https://suricata-ids.org/training |
|
| Details | Url | 1 | https://www.daemon-security.com |
|
| Details | Url | 1 | http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20181003/c6c6c967/attachment-0001.html |