Just to get an understanding of how indicators of compromise works. Take For example, in this article, the SMB tool. There is a MD5 hash for it. So is my firewalls or IDS supposed to be able to detect this MD5 hash string? How would my firewalls and IDS going to check against this MD5 hash? I am a bit lost on the concept of indicators of compromise. thanks
Aucun commentaire:
Enregistrer un commentaire