[Snort-sigs] byte_extract included on last snort v2.9.0.x!

rmkml rmkml at ...174...
Sun Apr 24 17:20:10 EDT 2011


Hi,
First, Thx you snort and SF Team for enhancing ids and ips world.
Second, last snort v2.9.0.x included a "new" byte_extract keyword.
If you are interested, looking a snort manual of course.
This function appears since 2003 on ChangeLog, but enabled only on last snort version...
It's a big help for enhancing detection (and reducing FP) on many protocols like snmp, dns, ldap, netbios...
Happy Detect with Snort/Bro/Suricata/Azwalaro.
Regards
Rmkml




More information about the Snort-sigs mailing list