Re: Snort++ Internals website

[Andy Swartzbaugh via Snort-devel <snort-devel () lists snort org>]

Russ,

I really appreciate your positive feedback. Your comments have convinced me
that the time it took me to build the web site was well spent.

Sure, I will keep this up to date and ask questions when I have them.
There are also a few features and topics that I will add that I believe
would be helpful.  The first topic will be events (alerts, logs, etc.),
which seem to be a common source of confusion.  I will also add
functionality to the packet viewer to show generated events.

The URL that I posted (www.os-forum.com/snort3) was blocked by some
security software.  This URL is a simple redirect to -
http://snort3project.eastus.cloudapp.azure.com/ - , which might not be
blocked.

My next project is to create an online lab environment in which people can
use Metasploit and Snort3 together.

Thanks,
Andy




On Tue, Oct 2, 2018 at 9:51 PM Russ via Snort-devel <
snort-devel () lists snort org> wrote:

> Awesome job Andy.  The packet viewer is pretty sweet.  We will
> definitely refer folks to this for a closer look at Snort 3.  Please
> reach out to us with any questions so we can help you keep this up to
> date as things change.  I'll do a close read through when I get a chance
> and respond with any comments.  Keep up the good work!
>
> Russ
>
> On 10/2/18 7:06 PM, Michael Altizer via Snort-devel wrote:
> > On 09/17/2018 10:52 AM, Andy Swartzbaugh via Snort-devel wrote:
> > > Hi,
> > >
> > > Over the last year, I've put together a web site that attempts to
> > > explain how Snort++ works by examining the underlying source code and
> > > supplementing the debugging.
> > < LINK REMOVED >
> > > I will continue to add material to the documentation and add features
> > > to the Packet Viewer tool.  I hope that at least a few people find
> > > the site interesting/useful.
> > >
> > > This website goes into perhaps more detail about the source code than
> > > the typical Snort++ administrator might need but I posted to the
> > > Snort++ general users mailing list as well since there is material
> > > that might interest some Snort++ administrators.
> > >
> > > Thanks,
> > > Andy
> > I originally missed this because our security software really didn't
> > like your original link, but this is great stuff.  Thanks! Maybe try
> > the raw Azure address next time to get a broader audience?
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel () lists snort org
> > https://lists.snort.org/mailman/listinfo/snort-devel
> >
> > Please visit http://blog.snort.org for the latest news about Snort!
>
> _______________________________________________
> Snort-devel mailing list
> Snort-devel () lists snort org
> https://lists.snort.org/mailman/listinfo/snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!
_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!