[Snort-openappid] OpenAppID rules

Carlos Rodriguez Hernandez crodriguezh.ext at ...109...
Wed Nov 4 13:13:32 EST 2015


Hello,

thanks Costas and Mike for your response.

Is it possible to know if in the future there will be rules to act?

So I understand that the purpose of OpenAppID is to detect applications on
the traffic or block traffic based on applications.
But that does not improve performance, I was thinking that if Snort
filtered by applications before going through the detection engine, this
would improve performance by reducing the number of rules to analyze.

Thanks for help,

-- 
Carlos Rodríguez Hernández
*Fellow Developer*
redborder.net | +34 609477932



This email, including attachments, is intended exclusively for its
addressee. It contains information that is CONFIDENTIAL whose disclosure is
prohibited by law and may be covered by legal privilege. If you have
received this email in error, please notify the sender and delete it from
your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20151104/ebf82407/attachment.html>


More information about the Snort-openappid mailing list