[Snort-users] Question about the feature that to store a payload in the mysql

강명훈 mhkang589 at ...11827...
Fri Sep 18 00:01:50 EDT 2015


HI

I use the snort 2.9.0.4(win ver) being.
By the way, sometimes the two packets are stored in one.
Below the sample data_payload.

GET /blog.intro.section.screen HTTP/1.1 Host: blog.moneta.co.kr
Accept-Encoding:
gzip Accept-Language: ko-KR, en-US User-Agent: Mozilla/5.0 (Linux; U;
Android 2.3.3; ko-kr; IM-T100K Build/GINGERBREAD) AppleWebKit/533.1 (KHTML,
like Gecko) Version/4.0 Mobile Safari/533.1 Cookie: C2A=bgT%2C2%2C13;
F2C=tL5552xabzQ!; F2E=truese; F2G=F; GET
/view/intro/blogger_info_iframe.jsp HTTP/1.1 Host: blog.moneta.co.kr
Accept-Encoding:
gzip Referer: http://blog.moneta.co.kr/blog.intro.section.screen
Accept-Language:
ko-KR, en-US User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; ko-kr;
IM-T100K Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko)
Version/4.0 Mobile Safari/533.1 Cookie:
JSESSIONID=q4MJTSRdnJyq3kf1QL4vvLgJG7LnL1JjdhJv36QgB2WnlmJftxyQ;

Can someone help me?
Thank you.

Best regards

-- 
-----------------------
Kang Myoung-hun
-----------------------
+82-10 6604 6084
kangmyounghun.blogspot.kr
kr.linkedin.com/pub/myounghun-kang/74/238/93a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150918/4fb795fd/attachment.html>


More information about the Snort-users mailing list