[Snort-devel] Snort's modules
pratik.cse.bits at ...2499...
Wed Jul 25 08:58:18 EDT 2012
I have been playing around with Snort for a while now. I am beginning to
wonder that apart from its Signatures being its biggest strength, what else
are the things on which Snort relies upon? Prima facie, the preprocessor
modules don't involve signatures- am I right here? Does Snort have an
Anomaly engine?? If not, i would be interested in knowing how all the
network stuff which cannot be detected via signatures (or you may say that
I do not wish to use signatures) can be detected with Snort?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel