conma293 at ...11827...
Wed May 21 00:07:21 EDT 2014
Im beginning to muddle around with tagging, can seemingly get the rules to
fire off quite easily and tag 'full' packets for x amount of time, bytes
But then this gets lumped into the U2 files and processed by Barnyard2 -->
what im wondering is how the packets in addition to the alerting packet get
processed by BY2 output so that it would come up as the whole payload in a
snorby or tripwire interface...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users