Snort mailing list archives
Counting packets - Flow
From: Gurgen Hakobyan <hakobyan () outlook com>
Date: Thu, 24 Mar 2016 02:56:34 +0000
Hi, Is there a way to save a flow in Snort and count some type of packets within that flow? Let’s say my HTTP server gets contacted by a client, I save that flow and start counting the ACKs (or RST, etc.) that I send back to client? So once the counter reaches threshold, the alert is raised? Thanks, Gurgen ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140 _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Counting packets - Flow Gurgen Hakobyan (Mar 23)