Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Tagged Packet in the new snort?

From: Yossi <yasayag () gmail com>
Date: Thu, 07 Mar 2013 10:20:03 +0200
Hi guys,
I'd like to know how the new version from snort 2.9.x handles with the situation when the payload is too big and the actually trigger for the alerting is somewhere deep in the payload.
In the older version I found the solution in the so-called "tag: Tagged Packet", but now I can find neither the signature "Tagged Packet" nor the trigger for gettingthe alert (and I searched for it very intensively) 

yoas

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: