[Snort-users] Snort++ Extras
snort at ...15979...
Tue Dec 16 12:51:15 EST 2014
I am getting 404 for the download links :)
Date: Tue, 16 Dec 2014 17:07:13 +0000
Posted: 16 Dec 2014 07:00 AM PST
Snort++ ExtrasSnort++ is all about plugins. It has over 140 by default and makes it easy to add more in C++ or LuaJIT. This post will walk you through building and running a set of extra example plugins. If you haven't installed and verified Snort++, you will need to do that first. We will cover the following topics:
OverviewDownloadBuild ExtrasRun ExtrasNext StepsOVERVIEWThe following things are pluggable in Snort++:
codec - decode and encode support for a given protocoldata - additional configuration for inspectorsinspector - replaces Snort preprocessorsips_option - IPS rule option like content and byte_testips_action - IPS rule action like alert and blocksearch_engine - fast pattern matcherlogger - event handersSO rules - dynamic rulesDOWNLOADThere are two extra tarballs, once for autotools and one for cmake:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users