[Snort-users] Snort++ Extras

Y M snort at ...15979...
Tue Dec 16 12:59:10 EST 2014


From: rucombs at ...589...
To: snort at ...15979...; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Snort++ Extras
Date: Tue, 16 Dec 2014 17:56:35 +0000







Oops - try now.
-- Works perfectly. Thanks RussYM 




From: Y M [snort at ...15979...]

Sent: Tuesday, December 16, 2014 12:51 PM

To: snort-users

Subject: Re: [Snort-users] Snort++ Extras






I am getting 404 for the download links :)



YM





Date: Tue, 16 Dec 2014 17:07:13 +0000

Subject: Snort













Snort++ Extras


Posted: 16 Dec 2014 07:00 AM PST

Snort++ Extras
Snort++ is all about plugins. It has over 140 by default and makes it easy to add more in C++ or LuaJIT. This post will walk you through building and running a set of extra example plugins. If you haven't installed and verified Snort++, you will need to do
 that first. We will cover the following topics: 


OverviewDownloadBuild ExtrasRun ExtrasNext Steps
OVERVIEW
The following things are pluggable in Snort++: 


codec - decode and encode support for a given protocoldata - additional configuration for inspectorsinspector - replaces Snort preprocessorsips_option - IPS rule option like content and byte_testips_action - IPS rule action like alert and blocksearch_engine - fast pattern matcherlogger - event handersSO rules - dynamic rules
DOWNLOAD
There are two extra tarballs, once for autotools and one for cmake: 

    snort_extra-1.0.0-a1-130-auto.tar.gz
    snort_extra-1.0.0-a1-130-cmake.tar.gz
















 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141216/08267b47/attachment.html>


More information about the Snort-users mailing list