Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ModSecurity CRS Parser

From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Sun, 3 May 2015 18:50:39 +0000
Hello,

                An example for preprocessor development is included with the snort download. The steps are listed here 
http://manual.snort.org/node40.html .


Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: Big Whale [mailto:d0lph1n98 () yahoo com]
Sent: Sunday, May 03, 2015 7:18 AM
To: snort-devel () lists sourceforge net
Subject: [Snort-devel] ModSecurity CRS Parser

Hello,

I want to develop a Snort dynamic preprocessor to parse  ModSecurity CRS. Is there any method to get the normalize HTTP 
traffic using HTTP_Inspect preprocessor and where can i find the Snort ruleset parser?

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: