Snort mailing list archives
Technically speaking
From: G DINESH <mail2dinesh2001 () yahoo co in>
Date: Wed, 31 Mar 2004 13:10:01 +0100 (BST)
Hi, I'm Dinesh. I am a student doing a BE in Computer Science (India) and I'm currently working on a project on signature-based IDS. I'm using Snort as a reference. Of course I cannot make a better tool than the heavyweight (!lightweight IDS) Snort, haha!! It's a great tool!!!! Well, it goes without saying.

I read the FAQ in Snort; it gave me info about the OTN and RTN. Could you please explain more to me about the tree, and give some tips that could help me? So far I've done protocol decoding (IP, TCP, UDP using libpcap). It's quite difficult for me to follow the code of Snort. I'm not able to make out which file takes up the rules and constructs the tree, and checks the validation of the rules. Are separate trees constructed for TCP, UDP, ICMP? How is the matching done? Do you have any simple solution for me?

One more thing I would like to ask is about the logo of Snort. Why the name "snort" and logo = pig????!!!!

Eager for your reply.
Thank you