[Snort-openappid] Analysis of Traffic Mid-stream

sripaduka R padukaietf at ...8...
Thu Jun 4 10:27:39 EDT 2015


Hi all

Is there any experience with the analysis/open appid based detection of
traffic
based on traffic intercepted mid stream [ as in the first few packets of
the stream are dropped prior to reception to snort ] - will the open appid
framework be able to figure out the flow & concerned app.

What is the probability of a false positive or a false negative in such a
scenario

thanks
sr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20150604/22b47686/attachment.html>


More information about the Snort-openappid mailing list