[squid-users] Re: [Snort-users] Commercial Advanced Packet Sniffers, how do they do this? Application signatures?

From: Dimitri Syuoul <dsyuoul_at_gmail.com>
Date: Fri, 22 Jan 2010 15:29:54 -0600

On Fri, Jan 22, 2010 at 2:42 PM, Richard Bejtlich <taosecurity_at_gmail.com> wrote:

>
> [1] http://taosecurity.blogspot.com/2006/09/port-independent-protocol.html
> [2] http://bro-ids.org/wiki/index.php/DynamicProtocolDetection
>

Interesting enough the L7-filter and IPP2P projects seem to be dead.

http://bro-ids.org/wiki/index.php/DynamicProtocolDetection is an
interesting concept but it appears to be general.. and doesnt seem to
be ready for production..

Dimitri
Received on Fri Jan 22 2010 - 21:30:05 MST

This archive was generated by hypermail 2.2.0 : Sat Jan 23 2010 - 12:00:05 MST