[Snort-sigs] Email Tracking Code Signature

Simeon Bush Sbush at ...3617...
Thu Oct 27 15:01:02 EDT 2011

I was wondering if snort has the capability to detect a tracking code in an email source code. I'm sure this rule/signature  would be expensive in terms of resource utilization. I've noticed that targeted phishing emails will have these embedded into the source code as a callback.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20111027/8ee3bed7/attachment.html>

More information about the Snort-sigs mailing list