[Emerging-Sigs] Question about Tor sig (2018789)

Jake Warren jake.warren at masergy.com
Tue Sep 23 14:20:51 EDT 2014


When you guys were QA'ing 2018789, did you measure how bad the performance
hit would be to include port 443? The reason I ask is because I'm seeing
this signature miss the majority of TOR traffic since most of the Tor
traffic I'm seeing is going out over 443 versus 9001.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140923/13635756/attachment.html>

More information about the Emerging-sigs mailing list