[Snort-devel] Snort's modules

Pratik Narang pratik.cse.bits at ...2499...
Wed Jul 25 08:58:18 EDT 2012


Hi all,

I have been playing around with Snort for a while now. I am beginning to
wonder that apart from its Signatures being its biggest strength, what else
are the things on which Snort relies upon? Prima facie, the preprocessor
modules don't involve signatures- am I right here? Does Snort have an
Anomaly engine?? If not, i would be interested in knowing how all the
network stuff which cannot be detected via signatures (or you may say that
I do not wish to use signatures) can be detected with Snort?

Thanks...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20120725/addac89f/attachment.html>


More information about the Snort-devel mailing list