[Snort-devel] ide for snortsp 3.0

Martin Roesch roesch at ...402...
Tue Jan 20 22:54:31 EST 2009


Hi Prashanth,

You are correct, the 2.8.x engine module is plugged into a new core
framework for packet handling, decode, flow management, etc.  Did you read
README.bridge for getting started instructions?

Marty

On Sat, Jan 17, 2009 at 12:24 AM, Nandala, Prashanth <
prashanth.nandala at ...2998...> wrote:

>  Hi Martin,
>
>
>
> Sorry for replying in late.
>
> I am using KDevelop for understanding the code flow, its threads and for
> debugging snort in different modes.
>
> As far I understood that snortsp 3.0 only uses the detection engine from
> 2.8.x all other modules like packet capture, packet decoding is re-written.
> Am I correct?
>
>
>
> Could you help me in running snortsp 3.0 in IDS mode?
>
>
>
> Thanks and Regards
>
> Prashanth
>
>
>  ------------------------------
>
> *From:* Martin Roesch [mailto:roesch at ...402...]
> *Sent:* Thursday, January 15, 2009 1:08 AM
> *To:* prashanth.nandala at ...2998...
> *Cc:* Snort-devel at lists.sourceforge.net
> *Subject:* Re: ide for snortsp 3.0
>
>
>
> Hi Prashanth,
>
> You want an IDE for debugging?  Are you looking to debug data structures
> and links or something else?  I used to use ddd pretty heavily back in the
> old days of Snort 1.x to visualize the detection engine data structures at
> runtime but that's just a GUI around gdb.
>
> As for what I use these days, when I'm on Linux I generally use vim and
> just gdb at the command line.  I have used Visual Slickedit in the past and
> liked it a lot but it's generally only on my one dev system, vim is
> everywhere. :)
>
> I do most of my developmemt on a Mac these days.  On the Mac I usually use
> Xcode and sometimes use TextMate.  I still use vim for quick stuff when I'm
> at the command line but for complex work I use Xcode (which has a gdb GUI
> built-in).
>
> Marty
>
>  On Wed, Jan 14, 2009 at 9:30 AM, Nandala, Prashanth <
> prashanth.nandala at ...2998...> wrote:
>
> Hi Martin and all,
>
>
>
> Can any one suggest me an IDE (in Linux) to debug snortsp 3.0 beta version?
>
>
>
> Martin, Can I know which tool or IDE have you used for the development of
> snort?
>
>
>
>
>
> Thanks and regards
>
> Prashanth
>
>
>
> _____________________________________________________________________
>
> This e-mail message may contain proprietary, confidential or legally
> privileged information for the sole use of the person or entity to whom this
> message was originally addressed. Any review, e-transmission dissemination
> or other use of or taking of any action in reliance upon this information by
> persons or entities other than the intended recipient is prohibited. If you
> have received this e-mail in error kindly delete this e-mail from your
> records. If it appears that this mail has been forwarded to you without
> proper authority, please notify us immediately at netadmin at ...2998... and
> delete this mail.
> _____________________________________________________________________
>
>
>
>
> --
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Security for the Real World - http://www.sourcefire.com
> Snort: Open Source IDP - http://www.snort.org
>  _____________________________________________________________________
>
> This e-mail message may contain proprietary, confidential or legally
> privileged information for the sole use of the person or entity to whom this
> message was originally addressed. Any review, e-transmission dissemination
> or other use of or taking of any action in reliance upon this information by
> persons or entities other than the intended recipient is prohibited. If you
> have received this e-mail in error kindly delete this e-mail from your
> records. If it appears that this mail has been forwarded to you without
> proper authority, please notify us immediately at netadmin at ...2998... and
> delete this mail.
> _____________________________________________________________________
>



-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source IDP - http://www.snort.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20090120/4284457d/attachment.html>


More information about the Snort-devel mailing list