Snort mailing list archives

Re: Homebrew unified2 processing vs barnyard2


From: Joel Esler <jesler () sourcefire com>
Date: Mon, 19 Jul 2010 14:33:14 -0400

I used barnyard2 recently in a customer consulting engagement and it worked perfectly on Unified2.  

Joel

On Jul 19, 2010, at 2:24 PM, K D wrote:

Having spent a good amount of time away from Snort and trying to get back into the swing of things, I was wondering
what the current consensus was on barnyard vs homebrew unified2 parsing. Previously, I was doing unified parsing via 
a homebrew application, but looking forward, it seems like barnyard2 is the popular, stable, and standard app for the 
job. Anyone willing to persuade me otherwise?

Also, are you guys using any Perl or Python (preferred) libraries for unified2 file access? If so, what role do these
play in your current configuration and how are they used in conjunction with or instead of barnyard?

