[Oisf-users] Suricata parsers
Peter Bates
peter.bates at ucl.ac.uk
Mon Nov 7 16:07:40 UTC 2011
Hello all

I've had my eye on Suricata for a while - but decided to take more of
a plunge with 1.1rc1 - primarily as a drop-in replacement for a Snort
2.9.x/Barnyard2 setup.

All seems well, and I'm still running Suricata foregrounded for now.
As in previous tests, I'm still seeing a lot of 'AppLayerParse'
errors, particularly in http/tls but also smtp protocols.

The machine (and network) is quite busy - is there some way to dump
these unusual packets - presumably they are in violation of the
particular protocol and it might be useful I guess to capture them.

Thanks.
--
Peter Bates
Senior Computer Security Officer Phone: +44(0)2076792049
Information Services Division Internal Ext: 32049
University College London
London WC1E 6BT