[Snort-devel] example of decoder and preprocessor rules

M. Ridwan Zalbina zalbinaridwan at ...2499...
Fri Aug 21 00:47:47 EDT 2015


Hello everyone,
I do a research about detection system based on snort for detecting
web attack(http protocol) like xss and injection(sqli)
which combine preprocessor and detection engine in snort.

In detection engine i already made it and use some approach using
regular expression
I want to make some rule or decision about packet anomaly in http_inspect
preprocessor.


I've already read about the example of DECODER AND PREPROCESSOR rules, and
it's just show one example...


For that reason, is anybody have a suggestion about this or anyone made
this before.. ?



Sorry for my bad words..
M. Ridwan Zalbina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20150821/af154817/attachment.html>


More information about the Snort-devel mailing list