Snort mailing list archives
Graph based IDS
From: Florian Klickermann <florian.klickermann () gmail com>
Date: Fri, 10 May 2013 10:53:03 +0200
Hi,

I'm a new user of Snort and I want to develop a graph based IDS module for it. This graph based module should use the sniffed TCP/IP connections from Snort to check if the connection is new or not. Therefore I need a Snort specification document, but I can't find it.

I need the following information for my project:

- Which variable saves the IP address, or can I create a rule which sends all IP connections to a file or a variable?
- Through which API can I include my new module?
- Do I need a new preprocessor for my project?

Thanks in advance!
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
Please visit http://blog.snort.org for the latest news about Snort!