[Oisf-devel] Deep Packet Inspection

Robert Clove cloverobert at gmail.com
Fri Apr 19 09:19:18 UTC 2013


Thanks for the reply, but your links only tell the keywords that are being
used. I actually want to know the exact code files that come into action while
scanning the payload.


On Fri, Apr 19, 2013 at 2:18 PM, Victor Julien <victor at inliniac.net> wrote:

> On 04/19/2013 10:43 AM, Robert Clove wrote:
> > I am all new to Suricata.
> > First I would say it is a very nice project; I have heard about it from many
> > people.
> > I am keenly interested in deep packet inspection of the packet, not in
> > the headers part, so can someone here please tell me what files in the
> > source code belong to deep packet analysis and what Suricata covers in the
> > deep packet analysis part?
> > As there is not much documentation available.
>
> Please have a look at:
>
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_User_Guide
>
> More specifically at:
>
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Payload_keywords
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTTP-keywords
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/File-keywords
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/TLS-keywords
>
> These all deal with inspection of payloads and streams.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Suricata IDS Devel mailing list: oisf-devel at openinfosecfoundation.org
> Site: http://suricata-ids.org | Participate:
> http://suricata-ids.org/participate/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> Redmine: https://redmine.openinfosecfoundation.org/
>