[Snort-users] Download latest source for barnyard2 (securixlive.com is down)

Russ Combs rcombs at ...1935...
Thu Feb 3 13:12:37 EST 2011


On Thu, Feb 3, 2011 at 1:05 PM, Martin Holste <mcholste at ...11827...> wrote:

> > More advanced?
> > Stay tune in 2011 for BY2.
> >
>
> Advanced, as in, I can trivially code custom tasks like to do a lookup
> to my CMDB as alerts roll in, or <do whatever you want> with alert as
> it rolls in.  Or how about sending an RST?
> Net::RawIP->new({ip => { saddr => '1.1.1.1', daddr => '2.2.2.2' }, tcp
> => { source => 1000, dest => 80, rst => 1 }})->send();
> (Flexresp in Snort has been a nightmare for me.)
>
> Please send in any bugs if you haven't already.
Thanks
Russ

> > Perl is nice, but having perl running for a while can also create
> > surprises, mainly related to memory usage.
> > But if you have enough ram not to care i guess its all kosher.
> >
>
> ^^
> s/perl/any poorly tested program/i
>
> Anyway, the more the merrier--I look forward to your new code.
>
>
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better
> price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20110203/e9eaa2d9/attachment.html>


More information about the Snort-users mailing list