[Oisf-users] Suricata parsers

Shirkdog shirkdog at gmail.com
Mon Nov 7 16:11:21 UTC 2011


Can you post the errors to the list as well?

---
Shirkdog
Free your Mind...
http://www.shirkdog.us



On Mon, Nov 7, 2011 at 11:07 AM, Peter Bates <peter.bates at ucl.ac.uk> wrote:
> Hello all
>
> I've had my eye on Suricata for a while - but decided to take more of
> a plunge with 1.1rc1 - primarily as a drop-in replacement for a Snort
> 2.9.x/Barnyard2 setup.
>
> All seems well, and I'm still running Suricata foregrounded for now.
>
> As in previous tests, I'm still seeing a lot of 'AppLayerParse'
> errors, particularly in http/tls but also smtp protocols.
>
> The machine (and network) is quite busy - is there some way to dump
> these unusual packets - presumably they are in violation of the
> particular protocol and it might be useful I guess to capture them.
>
> Thanks.
>
> --
> Peter Bates
> Senior Computer Security Officer    Phone: +44(0)2076792049
> Information Services Division       Internal Ext: 32049
> University College London
> London WC1E 6BT


