Hosting Provided By

Re: [Snort-devel] snort_inline-1.9.1-2 release

From: pieter claassen <pieter(at)openauth.co.uk>
Date: Mon Mar 31 2003 - 05:02:22 EST

Hello Rob,

Sterling work on Snort_inline. Just a few questions if I may: 1. Are there any plans to support Snort 2.x and if so, when will that come?
2. Whenever I activate Snort_inling in bridging mode, then portscans slow down to a trickle. Can you think of a reason for this other than latency in the kernel vs. user space copying of packets? 3. Will the portscan preprocessor be integrated into snort_inline?( I guess that is a bit of an oxymoron because you can only identify a portscan by the number of packets that you have already let through in a time period)

Lastly, I am interested in understanding the snort_inline code a bit better. Is there any information or advice as to how I can do that?

Thanks in advanced.
Pieter

On Sun, 2003-03-30 at 19:29, Rob McMillen wrote:
> The Honeynet Project has updated snort_inline to include preprocessor support.

-- 
-----------------------------
Pieter Claassen
pieter@openauth.co.uk
http://www.openauth.co.uk

OpenAuth
Tel: 01344 390530
DDI: 01344 390630/390631
Fax number: 01344 390700
Mobile:  0776 665 6924

Highview House
Charles Square
Bracknell
Berkshire
RG12 1DF

TERMS AND CONDITIONS
(i)The information contained in this email and attachments is only
intended for the addressed recipient(s) and may not be distributed or
viewed by any other party without the explicit consent of the sender. If
you have received this message by accident, please contact Pieter
Claassen (pieter@openauth.co.uk) and destroy any electronic or physical
copies of the information contained in it, immediately.
(ii)This email is not certified to be virus free and OpenAuth accepts no
liability for losses arising from you receiving this email.
(iii)Any digital signatures (if present) used to authenticate this
email, only serves to allow you to verify the originating email address
of the sender and should not be relied upon to prove identity or base
financial transactions on, unless the Certificate Practice Statement
that the signature references, explicitly states differently.
(iv)This email may be subjected to further terms and conditions as
published on the company website at 
http://www.openauth.co.uk. If you
need to rely on the information contained in this email in any way, then
you should read those terms and conditions to understand how much you
can trust the information in this email.
(v)OpenAuth retains the copyright on any relevant material that is
included in this email.



-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb: 
Dedicated Hosting for just $79/mo with 500 GB of bandwidth! 
No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
Do you need help? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related snort.org Links
snort-announce
snort-cvsinfo
snort-devel
snort-sigs
snort-users
Request more information about Pantek
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Received on Mon Mar 31 05:14:10 2003

This message: [ Message body ]
Next message: Rob McMillen: "Re: [Snort-devel] snort_inline-1.9.1-2 release"
In reply to Rob McMillen: "[Snort-devel] snort_inline-1.9.1-2 release"
Next in thread: Rob McMillen: "Re: [Snort-devel] snort_inline-1.9.1-2 release"
Reply: Rob McMillen: "Re: [Snort-devel] snort_inline-1.9.1-2 release"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:08:04 EDT