Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get.

From: Joel Esler <jesler () sourcefire com>
Date: Tue, 13 Aug 2013 08:56:23 -0400
On Aug 12, 2013, at 9:52 PM, Tony Robinson <deusexmachina667 () gmail com> wrote:


this gives me a good starting point... Do you or anyone else for that matter know if the starter kit is compatible 
with the latest snort versions? I'm assuming so, since the web page refers to snort 2.9.4.x while the text doc in the 
tarball refers to snort 2.9.0.x

also specifically what I'm looking to do is take normalized traffic in either a passive or inline config and pass the 
cleaned up/reassembled traffic to prads or p0f for more accurate host detection, and in turn prads or p0f could be 
used to build more accurate stream 5 or frag 3 host policies.. makes sense, no?


It’s compatible.


------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead. 
Download for free and get started troubleshooting in minutes. 
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: