Snort mailing list archives
Re: OpenAppID
From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Thu, 26 Mar 2015 01:24:46 +0000
They should be here https://snort.org/downloads under the openAppID section. Open Detector Package (ODP) ================================================================================ ODP is a package that contains Cisco provided LUA detectors and some application meta data. Specifically, it contains the following artifacts: a. Application detectors in Lua language. b. Port detectors, which are port only application detectors, in meta-data in YAML format. c. appMapping.data file containing application metadata. This file should not be modified. The first column contains application identifier and last column contains application name. Other columns contain internal information. d. Lua library files DetectorCommon.lua, flowTrackerModule.lua and hostServiceTrackerModule.lua Albert Lewis QA Software Engineer SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com From: Michael Brown [mailto:mike.a.brown09 () gmail com] Sent: Wednesday, March 25, 2015 9:00 PM To: snort user list Subject: [Snort-users] OpenAppID Where can I download the detectors for OpenAppID? I am using this tutorial and it says about the detectors. http://blog.snort.org/2014/03/openappid-install-video.html. I can not find them. --- Thank you, Michael A. Brown mike.a.brown09 () gmail com<mailto:mike.a.brown09 () gmail com> M.S. Forensic Studies: Computer Forensics B.S. Information Technology: Network Specialist "The only thing necessary for the triumph of evil is for good men to do nothing" -Edmund Burke Confidentiality Note: This electronic message is solely for the intended recipient, and may not be viewed by any other person. Access by anyone else is unauthorized and may be unlawful, except with the express consent of either the sender or the intended recipient. If you are not the intended recipient, you are hereby notified that you may not read this E-Mail or any attachment, and any disclosure, copying distributing, using, printing or taking any action in reliance on the contents of this E-Mail is strictly prohibited. The contents of this E-Mail and/or its attachments may be legally confidential and/or privileged; no unintended disclosure is intended to waive any right of privilege or confidentiality, all of which rights are reserved to the fullest extent possible.
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- OpenAppID Michael Brown (Mar 25)
- Re: OpenAppID Al Lewis (allewi) (Mar 25)