Cisco NetRanger not tripping customized STRINGS.TCP Signatures.
Hello, I will make this quick and simple.
I need to verify that my STRING.TCP regular expressions are working, 'MyTestStringMatchesThis.
I've used a browser from inside my network going to google.com and searching through google for my string. I know that the browsers traffic is touching the sensors interface because I used snoop on the promiscuous interface to see my browsers IP address. Check, I saw the traffic, but the signature did not trip.
Is there any special way I can test my new signature and trip it?
Questions 2, where can I find Cisco's documetation for NetRangers customer Signatures Regular Expressions Syntax?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...