Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OpenAppID

From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Thu, 26 Mar 2015 01:24:46 +0000
They should be here https://snort.org/downloads under the openAppID section.


Open Detector Package (ODP)
================================================================================
ODP is a package that contains Cisco provided LUA detectors and some application
meta data. Specifically, it contains the following artifacts:
a. Application detectors in Lua language.

b. Port detectors, which are port only application detectors, in  meta-data in YAML format.

c. appMapping.data file containing application metadata. This file should not
   be modified.  The first column contains application identifier and last column
   contains application name.  Other columns contain internal information.

d. Lua library files DetectorCommon.lua, flowTrackerModule.lua and
   hostServiceTrackerModule.lua




Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: Michael Brown [mailto:mike.a.brown09 () gmail com]
Sent: Wednesday, March 25, 2015 9:00 PM
To: snort user list
Subject: [Snort-users] OpenAppID

Where can I download the detectors for OpenAppID? I am using this tutorial and it says about the detectors. 
http://blog.snort.org/2014/03/openappid-install-video.html. I can not find them.
---
Thank you,

Michael A. Brown
mike.a.brown09 () gmail com<mailto:mike.a.brown09 () gmail com>
M.S. Forensic Studies: Computer Forensics
B.S. Information Technology: Network Specialist
"The only thing necessary for the triumph of evil is for good men to do nothing" -Edmund Burke


Confidentiality Note: This electronic message is solely for the intended recipient, and may not be viewed by any other 
person. Access by anyone else is unauthorized and may be unlawful, except with the express consent of either the sender 
or the intended recipient. If you are not the intended recipient, you are hereby notified that you may not read this 
E-Mail or any attachment, and any disclosure, copying distributing, using, printing or taking any action in reliance on 
the contents of this E-Mail is strictly prohibited. The contents of this E-Mail and/or its attachments may be legally 
confidential and/or privileged; no unintended disclosure is intended to waive any right of privilege or 
confidentiality, all of which rights are reserved to the fullest extent possible.



------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: