Snort mailing list archives
Re: Snort and encapsulation
From: Russ <rucombs () cisco com>
Date: Tue, 7 Feb 2017 08:47:40 -0500
If it winds up in Snort 2.X, it will also be in Snort 3.0, possibly sooner. On 2/7/17 8:39 AM, Cynthia Leonard (cyleonar) wrote:
Hi Ana, It’s not in the current plan for Snort 3.0. I am not aware of any tool for this , I have not really looked for one.It shouldn’t be too hard to parse the packet , look for VXLAN header based on the VXLAN port and then pass the inner packet to Snort for detection.Regards Cynthia *From:*Ana Serrano Mamolar [mailto:B00315494 () studentmail uws ac uk] *Sent:* Monday, February 6, 2017 11:27 PM*To:* Cynthia Leonard (cyleonar) <cyleonar () cisco com>; snort-users () lists sourceforge net*Subject:* Re: Snort and encapsulation *Importance:* High Thanks Cynthia,Do you know if it will be in short feature, like final version of Snort 3.0 ?If not, do you know if there any other external module that I could use? I would need for my research.Thanks. ------------------------------------------------------------------------*From:*Cynthia Leonard (cyleonar) <cyleonar () cisco com <mailto:cyleonar () cisco com>>*Sent:* 06 February 2017 17:55:06*To:* Ana Serrano Mamolar; snort-users () lists sourceforge net <mailto:snort-users () lists sourceforge net>*Subject:* RE: Snort and encapsulation Hi Ana, Today Snort does not support VXLAN encapsulation. In future, yes, there is plan to support . Regards Cynthia *From:*Ana Serrano Mamolar [mailto:B00315494 () studentmail uws ac uk] *Sent:* Monday, February 6, 2017 11:05 PM*To:* snort-users () lists sourceforge net <mailto:snort-users () lists sourceforge net>*Subject:* [Snort-users] Snort and encapsulation Hi,Does anybody knows if Snort support ( or plan to support) VXLAN encapsulation?Thanks ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort and encapsulation Ana Serrano Mamolar (Feb 06)
- Re: Snort and encapsulation Cynthia Leonard (cyleonar) (Feb 06)
- Re: Snort and encapsulation Ana Serrano Mamolar (Feb 06)
- Re: Snort and encapsulation Cynthia Leonard (cyleonar) (Feb 07)
- Re: Snort and encapsulation Russ (Feb 07)
- Re: Snort and encapsulation Ana Serrano Mamolar (Feb 06)
- Re: Snort and encapsulation Cynthia Leonard (cyleonar) (Feb 06)