[Snort-users] Passive OS Detection

Jyri Hovila jyri.hovila at ...2940...
Tue Sep 18 13:40:02 EDT 2001


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

> Has anyone given any thought to adding passive OS detection as a
> reporting option - either through Snort directly, or perhaps as an
> option in ACID?

I think this is an excellent idea, definitely worth doing. IMO ACID
would be the right place to implement it; that way Snort logging
would not become any heavier. Are there any ACID developers on the
list?

- - Jyri



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO6ew58nOVLzFbXXeEQIL6gCfXVFsvBed9R4yIfEBbGAvwGALMqIAoKPq
5XLi6+fSRfWknkq2YJNSd8sL
=t14f
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list