[Snort-devel] [Snort-users] Interested in developing a preprocessor; want all the documentation I can get.
jesler at ...402...
Tue Aug 13 08:56:23 EDT 2013
On Aug 12, 2013, at 9:52 PM, Tony Robinson <deusexmachina667 at ...2499...> wrote:
> this gives me a good starting point... Do you or anyone else for that matter know if the starter kit is compatible with the latest snort versions? I'm assuming so, since the web page refers to snort 2.9.4.x while the text doc in the tarball refers to snort 2.9.0.x
> also specifically what I'm looking to do is take normalized traffic in either a passive or inline config and pass the cleaned up/reassembled traffic to prads or p0f for more accurate host detection, and in turn prads or p0f could be used to build more accurate stream 5 or frag 3 host policies.. makes sense, no?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel