[Oisf-users] libinjection
Seth Hall
seth at icir.org
Wed Jul 3 17:54:17 UTC 2013
On Jul 2, 2013, at 2:18 AM, Peter Manev <petermanev at gmail.com> wrote:
> Yes it is considered -
> https://redmine.openinfosecfoundation.org/issues/547
For the record, I just spent a few minutes and integrated this into Bro and ran it on some real world traffic and this isn't good. There are a lot of false positives. It's probably another one of those things that tends to work fine if you run it on your own server, but when you're watching general internet traffic it starts showing some flaws.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Oisf-users
mailing list