Re: Re:Extracting URLS from snort logs

["S." <sleepy () maximumunix org>]

Hello

I havent written such a thing, the closest thing I wrote was using libipq on linux to process packets in user space, I 
programmed it to block http traffic that doesnt have a GET or post REQUEST, although this is easily worked around, it 
was just done for demonstration for a company I worked for. unfortunately I did not keep the code .anyway, I am working 
on ACID-XML for unix, and the xml parsing is done, including the packet payload so you might find this useful when I 
release it.

Good luck to you
Sleepy
http://www.maximumunix.org

  ----- Original Message ----- 
  From: Mahdi Kefaiati 
  To: S. 
  Cc: Snort Users 
  Sent: Tuesday, December 31, 2002 9:36 PM
  Subject: Re: [Snort-users] Re:Extracting URLS from snort logs


  In the Name of the Dearest

  Hi My Friend;

  I'm completely aware of all you said and I know how to program to gain what I want. The thing I wanted to know is 
that any body here knows, or has written such a handy script that makes all the things go well. I'm not going to invent 
the wheel for the second time ;).Please tell me if you or any of your friends know about such a program or script.

  Regards,

  Mahdi Kefayati





------------------------------------------------------------------------------
  Do you Yahoo!?
  Yahoo! Mail Plus - Powerful. Affordable. Sign up now