Snort mailing list archives
Newbie question
From: "Foster, Ken" <KFoster () federatedinv com>
Date: Wed, 8 Dec 2004 15:58:53 -0500
I'm new to snort, so forgive simple question. I'm reading in a file in tcpdump format and it has a few Code Red II packets that I can see when I dump in hex, but I don't know why http inspect preprocessor isn't detecting it. Is it because Code Red is too old? Http inspect is detecting other packets so I know it's functioning to some degree. Thanks. -Ken Foster
Current thread:
- Newbie question Foster, Ken (Dec 08)