[Oisf-devel] Deep Packet Inspection

Victor Julien victor at inliniac.net
Fri Apr 19 08:48:35 UTC 2013


On 04/19/2013 10:43 AM, Robert Clove wrote:
> I am all new to Suricata.
> First I would say a very nice project, I have heard about it from many
> people.
> I am keenly interested in deep packet inspection of the packet, not in
> the headers part, so can someone here please tell me what files in the
> source code belong to deep packet analysis and what Suricata covers in
> the deep packet analysis part.
> As there is not much documentation available.

Please have a look at:

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_User_Guide

More specifically at:

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Payload_keywords
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTTP-keywords
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/File-keywords
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/TLS-keywords

These all deal with inspection of payloads and streams.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



