[Snort-devel] ide for snortsp 3.0

Nandala, Prashanth prashanth.nandala at ...2998...
Sat Jan 17 00:24:16 EST 2009


Hi Martin,

 

Sorry for replying in late.

I am using KDevelop for understanding the code flow, its threads and for
debugging snort in different modes.

As far I understood that snortsp 3.0 only uses the detection engine from
2.8.x all other modules like packet capture, packet decoding is re-written.
Am I correct? 

 

Could you help me in running snortsp 3.0 in IDS mode?

 

Thanks and Regards

Prashanth

 

  _____  

From: Martin Roesch [mailto:roesch at ...402...] 
Sent: Thursday, January 15, 2009 1:08 AM
To: prashanth.nandala at ...2998...
Cc: Snort-devel at lists.sourceforge.net
Subject: Re: ide for snortsp 3.0

 

Hi Prashanth,

You want an IDE for debugging?  Are you looking to debug data structures and
links or something else?  I used to use ddd pretty heavily back in the old
days of Snort 1.x to visualize the detection engine data structures at
runtime but that's just a GUI around gdb.

As for what I use these days, when I'm on Linux I generally use vim and just
gdb at the command line.  I have used Visual Slickedit in the past and liked
it a lot but it's generally only on my one dev system, vim is everywhere. :)

I do most of my developmemt on a Mac these days.  On the Mac I usually use
Xcode and sometimes use TextMate.  I still use vim for quick stuff when I'm
at the command line but for complex work I use Xcode (which has a gdb GUI
built-in).

Marty



On Wed, Jan 14, 2009 at 9:30 AM, Nandala, Prashanth
<prashanth.nandala at ...2998...> wrote:

Hi Martin and all,

 

Can any one suggest me an IDE (in Linux) to debug snortsp 3.0 beta version?

 

Martin, Can I know which tool or IDE have you used for the development of
snort?

 

 

Thanks and regards

Prashanth

 

_____________________________________________________________________ 

This e-mail message may contain proprietary, confidential or legally
privileged information for the sole use of the person or entity to whom this
message was originally addressed. Any review, e-transmission dissemination
or other use of or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. If you
have received this e-mail in error kindly delete this e-mail from your
records. If it appears that this mail has been forwarded to you without
proper authority, please notify us immediately at netadmin at ...2998... and
delete this mail. 
_____________________________________________________________________ 




-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source IDP - http://www.snort.org


_____________________________________________________________________ 

This e-mail message may contain proprietary, confidential or legally privileged information for the sole use of the person or entity to whom this message was originally addressed. Any review, e-transmission dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you have received this e-mail in error kindly delete this e-mail from your records. If it appears that this mail has been forwarded to you without proper authority, please notify us immediately at netadmin at ...2998... and delete this mail.
_____________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20090117/a4a7b314/attachment.html>


More information about the Snort-devel mailing list