12034 – Add URLhaus malware rules to Suricata

Bug 12034 - Add URLhaus malware rules to Suricata

Summary: Add URLhaus malware rules to Suricata

Status:	CLOSED CANTFIX

Alias:	None

Product:	IPFire
Classification:	Unclassified
Component:	--- (show other bugs)
Version:	2
Hardware:	unspecified Unspecified

Importance:	- Unknown - - Unknown -
Assignee:	Stefan Schantl
QA Contact:

URL:
Keywords:

Depends on:
Blocks:	SURICATA
	Show dependency tree / graph

Reported:	2019-04-01 12:10 UTC by Michael Tremer
Modified:	2019-04-12 17:02 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Tremer 2019-04-01 12:10:00 UTC

abuse.ch has a service that has some rules to block malware: https://urlhaus.abuse.ch/api/

I think it is a good idea to have this available on IPFire.

Comment 1 Stefan Schantl 2019-04-12 17:02:34 UTC

Sadly the download-able tarball is not compatible with oinkmaster!

Format For Printing
- XML
- Clone This Bug
- Top of page