Snort mailing list archives

Question about the feature that to store a payload in the mysql

From: 강명훈 <mhkang589 () gmail com>
Date: Fri, 18 Sep 2015 13:01:50 +0900

HI

I use the snort 2.9.0.4(win ver) being.
By the way, sometimes the two packets are stored in one.
Below the sample data_payload.

GET /blog.intro.section.screen HTTP/1.1 Host: blog.moneta.co.kr
Accept-Encoding:
gzip Accept-Language: ko-KR, en-US User-Agent: Mozilla/5.0 (Linux; U;
Android 2.3.3; ko-kr; IM-T100K Build/GINGERBREAD) AppleWebKit/533.1 (KHTML,
like Gecko) Version/4.0 Mobile Safari/533.1 Cookie: C2A=bgT%2C2%2C13;
F2C=tL5552xabzQ!; F2E=truese; F2G=F; GET
/view/intro/blogger_info_iframe.jsp HTTP/1.1 Host: blog.moneta.co.kr
Accept-Encoding:
gzip Referer: http://blog.moneta.co.kr/blog.intro.section.screen
Accept-Language:
ko-KR, en-US User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; ko-kr;
IM-T100K Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko)
Version/4.0 Mobile Safari/533.1 Cookie:
JSESSIONID=q4MJTSRdnJyq3kf1QL4vvLgJG7LnL1JjdhJv36QgB2WnlmJftxyQ;

Can someone help me?
Thank you.

Best regards

-- 
-----------------------
Kang Myoung-hun
-----------------------
+82-10 6604 6084
kangmyounghun.blogspot.kr
kr.linkedin.com/pub/myounghun-kang/74/238/93a

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Question about the feature that to store a payload in the mysql 강명훈 (Sep 17)