[Snort-devel] support for OLSR protocol in Snort

Vic O bugtrack2 at ...2499...
Wed Aug 3 15:28:49 EDT 2011


Hello all, I'm planning to develop a signature-based IDS for OLSR using
Snort as my detection engine. For a very
brief background, OLSR is a wireless ad-hoc routing protocol that is derived
from OSPF. For now, am keeping it simple,
so I do not plan to have router communication during the detection process.
My question is this: how should I approach this?
That is, should I simply make it a snort plugin (OLSR messages are sent
to/from port 698 using UDP), or should I attempt
to directly add OLSR functionality, treating it like protocols like
TCP/ICMP? Any suggestions?

Regards,

Vic
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20110803/289b1e61/attachment.html>


More information about the Snort-devel mailing list