[Snort-devel] Regarding set wise pattern matcher
Hui Cao (huica)
huica at ...3461...
Wed Mar 5 10:13:01 EST 2014
You can find the pattern matcher from this file: snort/src/sfutil/bnfa_search.c
From: sri harsha <sriharsha9992 at ...2499...<mailto:sriharsha9992 at ...2499...>>
Date: Wednesday, March 5, 2014 at 7:40 AM
To: "snort-devel at lists.sourceforge.net<mailto:snort-devel at ...362....net>" <snort-devel at lists.sourceforge.net<mailto:snort-devel at ...2763...rge.net>>
Subject: [Snort-devel] Regarding set wise pattern matcher
I am using SNORT IDS and i am very much interested in its detection process. Snort uses set wise boyer moore horspool algorithm.
I am unable to locate the implementation of the algorithm in its source file. It would be really helpful if you can help me with explanation of this set wise detection engine.
In which source file is the implementation given ??
At what stage and for what purpose are AC and BMH algorithms used ??
Thank you in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel