Snort mailing list archives
Re: Help with a rule
From: Kyle Creyts <kyle.creyts () gmail com>
Date: Tue, 10 Dec 2013 10:47:56 -0800
+1, flow analysis/session analysis seem like the right paths to examine. On Tue, Dec 10, 2013 at 10:09 AM, lists () packetmail net <lists () packetmail net
wrote:
On 12/10/2013 11:20 AM, Tyler MacPherson wrote:Any suggestions?I wouldn't use Snort for this, I'd use another method -- perhaps daemonlogger flow analysis, libnids, netflow, lib-pcap based session tracking, etc. Snort isn't the right tool here. Cheers, Nathan ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
-- Kyle Creyts Information Assurance Professional Founder BSidesDetroit
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Help with a rule Tyler MacPherson (Dec 10)
- Re: Help with a rule lists () packetmail net (Dec 10)
- Re: Help with a rule Kyle Creyts (Dec 10)
- Re: Help with a rule Y M (Dec 10)
- Re: Help with a rule Joel Esler (jesler) (Dec 10)
- Re: Help with a rule lists () packetmail net (Dec 10)