[Snort-users] most usfull snort rules
amir.h.univ at ...11827...
Mon Sep 8 06:44:48 EDT 2014
Hey all ,
I'm trying to program a small sniffer that will be using the structure of
I want it to be very small so I need rally compact code(I will use C
So i wanted to know two things.
A. is there a place the specific which of the snort rules are the most
usefull, meaning what are the most pupullar "packets" that will be detect
for the avrege web user? for the begining somthing about 20 rules will be
B. I need to parse the rules into a data structure .I search in forums but
i havn't found what is the actual structure that snort use and how the
packet is being parse so it "feets" the strcuture of the rule....can somone
recommend on data structure ? about parser?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users