Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Counting packets - Flow

From: Gurgen Hakobyan <hakobyan () outlook com>
Date: Thu, 24 Mar 2016 02:56:34 +0000
Hi,

Is there a way to save a flow in Snort and count some type of packets within that flow?

Let’s say my HTTP server gets contacted by a client, I save that flow and start counting the ACKs (or RST, etc.) that I 
send back to client? So once the counter reaches threshold, the alert is raised?

Thanks,
Gurgen
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: