<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 27 Oct 2016, at 20:38, Vishal Kotalwar <<a href="mailto:vishalkv@altencalsoftlabs.com" class="">vishalkv@altencalsoftlabs.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" class="">
<div bgcolor="#FFFFFF" text="#3333FF" class=""><p class="">Hi All,</p><p class=""> HTTP is a stateless protocol, so I would like to know why
does suricata have stateful parsing and how does it help suricata
in better detection?<br class=""></p></div></div></blockquote><div>This is not true in practice. Cookies are one means of allowing state to be preserved between request.</div><div><br class=""></div><br class=""><blockquote type="cite" class=""><div class=""><div bgcolor="#FFFFFF" text="#3333FF" class=""><p class="">
</p>
<br class="">
<div class="moz-signature">-- <br class="">
Thanks & Regards, <br class="">
Vishal V. Kotalwar</div>
</div>
_______________________________________________<br class="">Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org" class="">oisf-users@openinfosecfoundation.org</a><br class="">Site: <a href="http://suricata-ids.org" class="">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" class="">http://suricata-ids.org/support/</a><br class="">List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" class="">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br class="">Suricata User Conference November 9-11 in Washington, DC: <a href="http://suricon.net" class="">http://suricon.net</a></div></blockquote></div><br class=""></body></html>