[Snort-users] IP- and Portvar buffer limit?

William Sandin william at ...15738...
Sun Aug 5 22:53:53 EDT 2012


OK! Thanks guys!

--
William Sandin
Security Researcher
http://www.e-cq.net/

On 08/05/2012 11:40 PM, Will Metcalf wrote:
> You are limited by a max line length of 32768 bytes...
> 
> On Sun, Aug 5, 2012 at 11:12 AM, Jeremy Hoel <jthoel at ...11827...> wrote:
>> Well I can tell you I've got about 80 or 80 different IPs for a number
>> of the variables.. no problems yet.  I haven't come across a limit
>> yet.
>>
>>
>>
>> On Sun, Aug 5, 2012 at 4:35 AM, William Sandin <william at ...15738...> wrote:
>>> Hi all,
>>>
>>> I've been snooping on the list now for a while. I'm very pleased to see
>>> there's such a strong and helpful Network Securty Monitoring community.
>>> Reading users answers and questions here have been a great help for me.
>>>
>>> My last few months of work have been involving NIDS - mainly SNORT. I
>>> have one question to you developers / more experienced users.
>>>
>>> Is there any limits off how much data you can put in the 'ip' and 'port'
>>> variables such as HOME_NET's - or can i basically add endless amounts of
>>> subnets, or 65,5536 ports one by one if I would be stubborn enough?
>>>
>>> Thanks!
>>>
>>> --
>>> William Sandin
>>> Security Researcher
>>> http://www.e-cq.net/
>>>
>>> ------------------------------------------------------------------------------
>>> Live Security Virtual Conference
>>> Exclusive live event will cover all the ways today's security and
>>> threat landscape has changed and how IT managers can respond. Discussions
>>> will include endpoint security, mobile security and the latest in malware
>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>> _______________________________________________
>>> Snort-users mailing list
>>> Snort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:
>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:
>>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>>
>>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>>
>> ------------------------------------------------------------------------------
>> Live Security Virtual Conference
>> Exclusive live event will cover all the ways today's security and
>> threat landscape has changed and how IT managers can respond. Discussions
>> will include endpoint security, mobile security and the latest in malware
>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 





More information about the Snort-users mailing list