Snort mailing list archives
byte_extract included on last snort v2.9.0.x!
From: rmkml <rmkml () yahoo fr>
Date: Sun, 24 Apr 2011 23:20:10 +0200 (CEST)
Hi, First, Thx you snort and SF Team for enhancing ids and ips world. Second, last snort v2.9.0.x included a "new" byte_extract keyword. If you are interested, looking a snort manual of course. This function appears since 2003 on ChangeLog, but enabled only on last snort version... It's a big help for enhancing detection (and reducing FP) on many protocols like snmp, dns, ldap, netbios... Happy Detect with Snort/Bro/Suricata/Azwalaro. Regards Rmkml ------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org
Current thread:
- byte_extract included on last snort v2.9.0.x! rmkml (Apr 24)
- Re: byte_extract included on last snort v2.9.0.x! Patrick Mullen (Apr 25)