Can I use pcres in Suricata for UDP traffic?
I have a pattern that goes like this:
Starts with |00|, is followed by a variable number of ASCII characters in uppercase that can have at most length 22, followed by 12 |00| bytes, followed by 6 random bytes, followed by an md5 hash, foll… Continue reading Can I use pcres in Suricata for UDP traffic?