[Snort-openappid] Analysis of Traffic Mid-stream

sripaduka R padukaietf at ...8...
Fri Jun 5 05:10:18 EDT 2015

Hi  all

Since I did not receive any reply ... wanted to know whether I ought to be
checking on some other snort mailing list.
The question of course is for midstream analysis specific to open appid ...


On Thu, Jun 4, 2015 at 7:57 PM, sripaduka R <padukaietf at ...8...> wrote:

> Hi all
> Is there any experience with the analysis/open appid based detection of
> traffic
> based on traffic intercepted mid stream [ as in the first few packets of
> the stream are dropped prior to reception to snort ] - will the open appid
> framework be able to figure out the flow & concerned app.
> What is the probability of a false positive or a false negative in such a
> scenario
> thanks
> sr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20150605/e1115a55/attachment.html>

More information about the Snort-openappid mailing list