[Snort-openappid] Analysis of Traffic Mid-stream
padukaietf at ...8...
Fri Jun 5 05:10:18 EDT 2015
Since I did not receive any reply ... wanted to know whether I ought to be
checking on some other snort mailing list.
The question of course is for midstream analysis specific to open appid ...
On Thu, Jun 4, 2015 at 7:57 PM, sripaduka R <padukaietf at ...8...> wrote:
> Hi all
> Is there any experience with the analysis/open appid based detection of
> based on traffic intercepted mid stream [ as in the first few packets of
> the stream are dropped prior to reception to snort ] - will the open appid
> framework be able to figure out the flow & concerned app.
> What is the probability of a false positive or a false negative in such a
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-openappid