[Snort-openappid] 4th year student trying to use snort in their project

Shane Corridon shane.corridon at mycit.ie
Fri Mar 9 05:09:02 EST 2018

Hi All,

I am a 4th year I.T Management student in Cork Institute of Technology. I
am currently working on my Final year project. I am building an automated
open source software analyser and vulnerability detector. I wish to use
snort to analysis open source software that is downloaded from the web by
users. I am unsure how to use snort to analysis software downloads without
installing them on the machine.

The flow of my application is firstly a user downloads any free online
software, this will then be analysed using snort and lastly the download
will either be blocked or marked safe to use.

I need to use snort to examine the software source code and give a result
on whether or not the software is safe for the user to use.

Can you tell me:

   1. Is it possible to use snort to examine software downloads which have
   not yet been installed on the machine?
   2. what file paths is snort monitoring for executable software
   3. how does snort know what to analysis. is it looking for the file
   extension such as .exe?
   4. If the software downloads need to be installed before snort can scan
   them, then can I use a script to move the downloads into the appropriate
   paths so snort can analyse the download without it being installed?

Any help is greatly appreciated!

Best Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20180309/163315a2/attachment.html>

More information about the Snort-openappid mailing list