[Snort-users] Snort++ Extras

Y M snort at ...15979...
Tue Dec 16 12:51:15 EST 2014


I am getting 404 for the download links :)
YM

Date: Tue, 16 Dec 2014 17:07:13 +0000
Subject: Snort








Snort++ Extras


Posted: 16 Dec 2014 07:00 AM PST
Snort++ ExtrasSnort++ is all about plugins.  It has over 140 by default and makes it easy to add more in C++ or LuaJIT.  This post will walk you through building and running a set of extra example plugins.  If you haven't installed and verified Snort++, you will need to do that first.  We will cover the following topics: 
OverviewDownloadBuild ExtrasRun ExtrasNext StepsOVERVIEWThe following things are pluggable in Snort++: 
codec - decode and encode support for a given protocoldata - additional configuration for inspectorsinspector - replaces Snort preprocessorsips_option - IPS rule option like content and byte_testips_action - IPS rule action like alert and blocksearch_engine - fast pattern matcherlogger - event handersSO rules - dynamic rulesDOWNLOADThere are two extra tarballs, once for autotools and one for cmake: 
    snort_extra-1.0.0-a1-130-auto.tar.gz
    snort_extra-1.0.0-a1-130-cmake.tar.gz


 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141216/720746e0/attachment.html>


More information about the Snort-users mailing list