OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Abuse.ch SSBL - more performant TLS ruleset?
« previous next »
  • Print
Pages: [1]

Author Topic: Abuse.ch SSBL - more performant TLS ruleset?  (Read 2825 times)

abulafia

  • Full Member
  • ***
  • Posts: 156
  • Karma: 8
    • View Profile
Abuse.ch SSBL - more performant TLS ruleset?
« on: October 13, 2021, 10:46:35 am »
https://sslbl.abuse.ch/blacklist/ states:

Quote
In addition, SSLBL provides a more performant Suricata ruleset that uses tls_cert_fingerprint instead of tls.fingerprint. Please use either the ruleset above (sslblacklist.rules) OR sslblacklist_tls_cert.rules from below. Do not use both of them at the same time.

...

In order to use the more perfomant Suricata ruleset avilable for download below, you must run Suricata 4.1.0 or newer.

https://sslbl.abuse.ch/blacklist/sslblacklist_tls_cert.rules

Would it be possible to replace the current SSLBL ruleset with the more performant TLS ruleset? Or add it as a custom ruleset?

(the "user defined" tab only seems to permit adding custom rules, not custom rulesets)
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Abuse.ch SSBL - more performant TLS ruleset?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2