Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Request for Anonymized Unified2 samples

From: beenph <beenph () gmail com>
Date: Tue, 31 Jan 2012 08:11:56 -0500
Greetings everyone,

since we have limited number of sample unified2 files we would like,
if possible; to get submission of
anonymized unified2 file containg  a wide range of events and packets
and hopefully EXTRA DATA
so we can stress test the new spooler design and the new schema.

If you end up submitting a anonymized unified2 file, it would be
greatly appreciated to also have the following elements:
- snort version and
- sid-msg.map  <file>
- gid-msg.map <file>
- classification.config <file>

You can anonymize your unified2 file by using u2_anon found @
https://github.com/binf/u2_anon

Note that plain original submission would also be appreciated.
All the file we receive will exclusively be used for testing and
debugging purpos and no information will be shared without permission
(for example if an issue in the structure of the unified2 is found and
the file need to be sended to SourceFire or OISF for details).

You can allways verify that your anonymized unified2 file does not
contain any data by using u2spewfoo (found in /tools/u2spewfoo in the
snort tarball).

This would be really appreciated.

Note that If your unified2 file is to big to get attached to a e-mail
do not hesitate to send us a link where we could download it.

Thanks you in advance,

Barnyard2 Team.

Ian Firns <firnsy , , gmail.com>
Eric Lauzon <beenph , , gmail.com

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: