[Snort-users] Fwd: Rules for detecting IEC61850 GOOSE messages

Muhammad Talha Abdul Rashid uchiha.lat at ...11827...
Mon Dec 15 02:43:20 EST 2014


Hi there, is it possible for Snort IDS to detect an attacks that exploited
from IEC61850 GOOSE message protocol such as GOOSE DoS attack and GOOSE
packet modification attack?

If this is possible how and which part inside Snort IDS that needed to be
modify or implemented a new code in order for the IDS to detect IEC61850
GOOSE-based attack?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141215/6c730bfd/attachment.html>


More information about the Snort-users mailing list