4. Grizzly Steppe - TA18-106A - Filter incoming protocols

Grizzly Steppe - TA18-106A - Filter incoming protocols

  • J

    I was reading through the information in Alert (TA18-106A) https://www.us-cert.gov/ncas/alerts/TA18-106A Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices, aka Grizzly Steppe from US CERT. Near the bottom of that document it lists commands that may be used from the Internet to gather information. I am sure it is only the tip of the iceberg for the number of possibilities that are capable.

    What technology in a Firewall will inspect the Allowed incoming data stream and block these keywords? Would this be what Suricata and Snort are used for? Or is there a lighter weight alternative?

    So as I envision it. I have created a firewall, and set up rules to allow traffic, but now as the traffic is passed through if there are certain parts of the protocol that I don't want to transmit to the internal system the system will inspect, classify and block or filter.

    Perhaps a proxy is what I am looking for?

    Thanks!

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy