[Snort-devel] [ekr at ...168...: Re: format string in ssl dump]
ekr at ...168...
Sat Dec 16 18:49:35 EST 2000
> I am not sure that I quite understand what you are wanting to do, but
> from the messages I've seen, I think that there may be some overlap with
> my work. Let me run it past you and get your feedback.
Probably the first question to ask is what Fyodor had in mind when he
suggested that I "integrate ssldump into snort"?
I had sort of assumed that the idea here would be that I would
modularize ssldump in such a way that snort's packet acquisition
engine could pass packets to ssldump for interpretation/expansion
and then pass the expanded view to the intrusion detection engine.
Fyodor, is this what you had in mind?
[Eric Rescorla ekr at ...168...]
More information about the Snort-devel