[Oisf-devel] Suricata extension for layer 2 attacks

Awais Ali awaisali901 at gmail.com
Fri Mar 6 15:36:59 UTC 2020


Hello all,

I am a master's student working in the intrusion detection domain. Nowadays I am
working on a possible extension of Suricata for layer 2 attacks.

I want to detect attacks in special layer 2 protocols like GOOSE, CDP, etc.
If I want to detect attacks in the payload of the GOOSE protocol, there is
no such solution, since Suricata detects payload of layer 3 and above.
There are many such special protocols in layer 2 where, if you want to
detect regular expressions/content in the payload, there is no such
solution.

I want to extend Suricata in this domain by writing decoders for that
particular protocol, the way we have for other protocols like TCP/UDP above
layer 3.
I need to know how I can extend Suricata for layer 2.

I hope you will cooperate in this regard. I am looking forward to hearing
from you.

Thanks,
Awais Ali
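
As an added illustration (not part of the original post and not Suricata code), the layer 2 decoding and payload content matching asked about above can be shown in standalone C. The GOOSE EtherType 0x88B8 and the 8-byte APPID/Length/Reserved header follow IEC 61850-8-1; the function names and the sample frame are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETHERTYPE_VLAN  0x8100  /* IEEE 802.1Q tag */
#define ETHERTYPE_GOOSE 0x88B8  /* IEC 61850-8-1 GOOSE */

typedef struct { uint16_t appid; const uint8_t *apdu; size_t apdu_len; } GooseInfo;

/* Constructed sample: VLAN-tagged GOOSE frame followed by 3 bytes of Ethernet padding. */
static const uint8_t sample_frame[] = {
    0x01,0x0c,0xcd,0x01,0x00,0x01, 0x00,0x11,0x22,0x33,0x44,0x55, /* dst, src MAC */
    0x81,0x00,0x80,0x00, 0x88,0xb8,                 /* 802.1Q tag, GOOSE EtherType */
    0x00,0x01, 0x00,0x16, 0x00,0x00, 0x00,0x00,     /* APPID, Length=22, Reserved1/2 */
    0x61,0x0c,0x80,0x0a,'I','E','D','1','/','g','c','b','0','1', /* APDU (BER) */
    'P','A','D'                                     /* padding, outside Length */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 and fills *out for a well-formed GOOSE frame, -1 otherwise. */
int goose_decode(const uint8_t *frame, size_t len, GooseInfo *out)
{
    size_t off = 12;                        /* skip destination and source MAC */
    if (len < off + 2) return -1;
    uint16_t etype = rd16(frame + off);
    off += 2;
    if (etype == ETHERTYPE_VLAN) {          /* step over one 802.1Q tag */
        if (len < off + 4) return -1;
        etype = rd16(frame + off + 2);
        off += 4;
    }
    if (etype != ETHERTYPE_GOOSE || len < off + 8) return -1;
    uint16_t glen = rd16(frame + off + 2);  /* counted from APPID, header included */
    if (glen < 8 || glen > len - off) return -1;   /* reject truncated or lying Length */
    out->appid = rd16(frame + off);
    out->apdu = frame + off + 8;
    out->apdu_len = (size_t)glen - 8;
    return 0;
}

/* Content match restricted to the APDU; returns 1 on a hit, 0 otherwise. */
int goose_content_match(const GooseInfo *g, const void *pat, size_t plen)
{
    for (size_t i = 0; plen && i + plen <= g->apdu_len; i++)
        if (memcmp(g->apdu + i, pat, plen) == 0) return 1;
    return 0;
}
```

Bounding the match by the GOOSE Length field rather than the captured frame length keeps trailing Ethernet padding out of the inspected payload.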