1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
Hello Gabriel, It is possible to do this through the ByteMatch statements, though the hash of the malware needs to be known. The WAF Rule that you'd include would look something like this : ByteMatchSet | ByteMatch | Headers | Content-Type | 0 | eq | MD5 | ##################### (Known HASH). I've included a document below with the official AWS documentation that shows how to do this in different formats. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-bytematchset.html
beantwortet vor 10 Monaten
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren
How are you obtaining the malware hashes and how do you expect them to be sent during a http request?