[Snort-devel] example of decoder and preprocessor rules
Al Lewis (allewi)
allewi at ...3461...
Fri Aug 21 09:04:45 EDT 2015
The snort download has examples included. The example is also here: http://manual.snort.org/node40.html
Also… you should checkout snort++ (Snort3) which has made it easier to make custom plugin modules.
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi at ...3461...
From: M. Ridwan Zalbina [mailto:zalbinaridwan at ...2499...]
Sent: Friday, August 21, 2015 12:48 AM
To: snort-devel at lists.sourceforge.net
Subject: [Snort-devel] example of decoder and preprocessor rules
I do a research about detection system based on snort for detecting
web attack(http protocol) like xss and injection(sqli)
which combine preprocessor and detection engine in snort.
In detection engine i already made it and use some approach using
I want to make some rule or decision about packet anomaly in http_inspect preprocessor.
I've already read about the example of DECODER AND PREPROCESSOR rules, and it's just show one example...
For that reason, is anybody have a suggestion about this or anyone made this before.. ?
Sorry for my bad words..
M. Ridwan Zalbina
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel