[Snort-devel] the structure of Snort

Yves Boisjoly Yves.Boisjoly at ...37...
Wed Feb 4 03:02:10 EST 2004


I used Snort for more than one year as an Intrusion Detection System, assisted
by a Perl script of mine to collect every Intrusion IP address, block them
in iptables, and generate an HTML report of every source with their own open
ports. The last part was accomplished with nmap from my Perl script.

If you want my source code, look for Master-Slave at sourceforge.net

Regards,
Yves



On Sun, 1 Feb 2004, Tao Peng wrote:

TP >Dear All,
TP >
TP >I am interested in hacking the source code of Snort, and intend to use
TP >Snort as the traffic statistics collector. I was wondering whether there
TP >is any document introducing the structure of Snort? For example, which
TP >source code file is used to capture the packets, and how to call for the
TP >variables of captured packets? Any tips are highly appreciated!
TP >
TP >Best regards
TP >
TP >Tao
TP >
TP >
TP >-------------------------------
TP >Tao Peng
TP >CUBIN Research Centre,EEE Dept.
TP >Melbourne Uni., Australia
TP >Phone: + 61 3 8344 3822
TP >Fax:   + 61 3 8344 3821
TP >Mobile: 0402 947 026
TP >-------------------------------

-- 

Yves Boisjoly, Administrateur systèmes UNIX
Yves.Boisjoly at ...37...




