[Snort-users] snort rule byte_test operator problem
babymagic_89 at ...131...
Tue May 15 12:57:32 EDT 2007
Dear Snort users,
I have been trying to figure out the snort rule option
For instance, we have
that will grab 4 bytes which happens to be "00 00 0F
So, in this case, how do I manually calculate to check
if the above 4 bytes are actually > 128 or not?
Problem is I do not know what does the value 128
represent? Is it in decimal?
Sorry, if my question sounds stupid, I really can't
Thanks in advance,
Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games.
More information about the Snort-users