[Snort-users] tcp reassembled segments

jorbru30 at ...5068... jorbru30 at ...5068...
Wed Dec 19 16:55:19 EST 2012


I appreciate if any one can guide me how to configure snort inline to inspect tcp reassembled segments. 
I want to be able to block malicious traffic that spans across segments when snort is deployed inline and traffic matches a rule with action "drop". 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121219/b039c03e/attachment.html>

More information about the Snort-users mailing list