[Snort-devel] example of decoder and preprocessor rules

M. Ridwan Zalbina zalbinaridwan at ...2499...
Fri Aug 21 00:47:47 EDT 2015

Hello everyone,
I do a research about detection system based on snort for detecting
web attack(http protocol) like xss and injection(sqli)
which combine preprocessor and detection engine in snort.

In detection engine i already made it and use some approach using
regular expression
I want to make some rule or decision about packet anomaly in http_inspect

I've already read about the example of DECODER AND PREPROCESSOR rules, and
it's just show one example...

For that reason, is anybody have a suggestion about this or anyone made
this before.. ?

Sorry for my bad words..
M. Ridwan Zalbina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20150821/af154817/attachment.html>

More information about the Snort-devel mailing list