Snort mailing list archives
Re: IP- and Portvar buffer limit?
From: Will Metcalf <william.metcalf () gmail com>
Date: Sun, 5 Aug 2012 11:40:45 -0500
You are limited by a max line length of 32768 bytes... On Sun, Aug 5, 2012 at 11:12 AM, Jeremy Hoel <jthoel () gmail com> wrote:
Well I can tell you I've got about 80 or 80 different IPs for a number of the variables.. no problems yet. I haven't come across a limit yet. On Sun, Aug 5, 2012 at 4:35 AM, William Sandin <william () e-cq net> wrote:Hi all, I've been snooping on the list now for a while. I'm very pleased to see there's such a strong and helpful Network Securty Monitoring community. Reading users answers and questions here have been a great help for me. My last few months of work have been involving NIDS - mainly SNORT. I have one question to you developers / more experienced users. Is there any limits off how much data you can put in the 'ip' and 'port' variables such as HOME_NET's - or can i basically add endless amounts of subnets, or 65,5536 ports one by one if I would be stubborn enough? Thanks! -- William Sandin Security Researcher http://www.e-cq.net/ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Convert pcap file or snort log file to csv file to analysis, Dang Le Nam (Aug 05)
- IP- and Portvar buffer limit? William Sandin (Aug 05)
- Re: IP- and Portvar buffer limit? Jeremy Hoel (Aug 05)
- Re: IP- and Portvar buffer limit? Will Metcalf (Aug 05)
- Re: IP- and Portvar buffer limit? William Sandin (Aug 05)
- Re: IP- and Portvar buffer limit? Jeremy Hoel (Aug 05)
- IP- and Portvar buffer limit? William Sandin (Aug 05)
- Re: Convert pcap file or snort log file to csv file to analysis, Michael Wood (Aug 05)