[Snort-openappid] OpenAppID custom detector
snort at outlook.com
Mon Apr 23 14:47:35 EDT 2018
I mistakenly stated that the tool exists under the bin folder. That’s wrong. Costas’s comment is the correct one.
From: Snort-openappid <snort-openappid-bounces at lists.snort.org> on behalf of Costas Kleopa (ckleopa) via Snort-openappid <snort-openappid at lists.snort.org>
Sent: Monday, April 23, 2018 9:40:12 PM
To: Deivison Xavier; snort-openappid at lists.snort.org
Subject: Re: [Snort-openappid] OpenAppID custom detector
For simple custom detectors, have you looked into using the appid_detector_builder.sh script under the tools/ folder? That should give you a good start.
From: Snort-openappid <snort-openappid-bounces at lists.snort.org> on behalf of Deivison Xavier via Snort-openappid <snort-openappid at lists.snort.org>
Reply-To: Deivison Xavier <deivisonvx at gmail.com>
Date: Monday, April 23, 2018 at 2:37 PM
To: "snort-openappid at lists.snort.org" <snort-openappid at lists.snort.org>
Subject: [Snort-openappid] OpenAppID custom detector
I am doing a college work on OpenAppID (Snort 22.214.171.124/Ubuntu16<http://126.96.36.199/Ubuntu16>). I'm having trouble creating a detector for a third-party application. I read OpenDetectorDeveloperGuide3.0n (https://www.snort.org/downloads/openappid/6328), but it was not clear how to customize a detector. Someone with knowledge about the subject?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-openappid