[Snort-openappid] Analysis of Traffic Mid-stream

sripaduka R padukaietf at ...8...
Fri Jun 5 05:10:18 EDT 2015


Hi  all

Since I did not receive any reply ... wanted to know whether I ought to be
checking on some other snort mailing list.
The question of course is for midstream analysis specific to open appid ...

thanks
sr

On Thu, Jun 4, 2015 at 7:57 PM, sripaduka R <padukaietf at ...8...> wrote:

> Hi all
>
> Is there any experience with the analysis/open appid based detection of
> traffic
> based on traffic intercepted mid stream [ as in the first few packets of
> the stream are dropped prior to reception to snort ] - will the open appid
> framework be able to figure out the flow & concerned app.
>
> What is the probability of a false positive or a false negative in such a
> scenario
>
> thanks
> sr
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20150605/e1115a55/attachment.html>


More information about the Snort-openappid mailing list