dgavshin/custom.rules

Last active June 19, 2021 22:32

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/dgavshin/b4efde33ab1055baf838e9d2075ab7f9.js"></script>
Save dgavshin/b4efde33ab1055baf838e9d2075ab7f9 to your computer and use it in GitHub Desktop.

Download ZIP

Suricata IPS rules for attack&defence game

Raw

custom.rules

drop tcp $HOME_NET $SERVICE_PORTS -> $EXTERNAL_NET any (msg:"Multiple flags leak detected"; pcre:"/(?:[A-Z0-9]{31}=.*){5,}/s"; sid:101; rev:1;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment