[Oisf-users] libinjection

Brian Rectanus brectanu at gmail.com
Wed Jul 3 18:26:42 UTC 2013


You should report the FPs back to Nick Galbreath via libinjection on
github.  Nick has been very responsive to them in the past and I know is
looking for more feedback like this.

Cheers!
-B


On Wed, Jul 3, 2013 at 12:54 PM, Seth Hall <seth at icir.org> wrote:

>
> On Jul 2, 2013, at 2:18 AM, Peter Manev <petermanev at gmail.com> wrote:
>
> > Yes it is considered -
> > https://redmine.openinfosecfoundation.org/issues/547
>
>
> For the record, I just spent a few minutes and integrated this into Bro
> and ran it on some real world traffic and this isn't good.  There are a lot
> of false positives.  It's probably another one of those things that tends
> to work fine if you run it on your own server, but when you're watching
> general internet traffic it starts showing some flaws.
>
>   .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro.org/
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20130703/168e4156/attachment-0002.html>


More information about the Oisf-users mailing list