[Snort-devel] [ekr at ...168...: Re: format string in ssl dump]

Todd Lewis tlewis at ...120...
Tue Dec 19 14:16:37 EST 2000


Snort fellas, can we get some answers on this topic?  With just a little
direction, we could get some work done here...

(I hope everyone's not gone for Xmas.)

--
Todd Lewis                                       tlewis at ...120...

  God grant me the courage not to give up what I think is right, even
  though I think it is hopeless.          - Admiral Chester W. Nimitz

On Tue, 19 Dec 2000, Eric Rescorla wrote:

> > Did this discussion die or go private?
> I still haven't heard anything.
> 
> -Ekr
> 
> > --
> > Todd Lewis                                       tlewis at ...120...
> > 
> >   God grant me the courage not to give up what I think is right, even
> >   though I think it is hopeless.          - Admiral Chester W. Nimitz
> > 
> > On Sat, 16 Dec 2000, Eric Rescorla wrote:
> > 
> > > > I am not sure that I quite understand what you are wanting to do, but
> > > > from the messages I've seen, I think that there may be some overlap with
> > > > my work.  Let me run it past you and get your feedback.
> > > Probably the first question to ask is what Fyodor had in mind when he
> > > suggested that I "integrate ssldump into snort"?
> > > 
> > > I had sort of assumed that the idea here would be that I would
> > > modularize ssldump in such a way that snort's packet acquisition
> > > engine could pass packets to ssldump for interpretation/expansion
> > > and then pass the expanded view to the intrusion detection engine.
> > > 
> > > Fyodor, is this what you had in mind?
> > > 
> > > -Ekr
> > > 
> > > [Eric Rescorla                                   ekr at ...168...]
> > > 
> > 
> 
> 
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-devel
> 





More information about the Snort-devel mailing list