I want to ask you for help.
Help with writing 2 Snort rules!
rule 1: save information about images that are requested from the server
(choose the server name yourself)
rule 2: detect x.509 certificates in the traffic stream with the word “google”
(regardless of the registrar).
you can take any word that really will be there
I appreciate any thoughts!