[Oisf-users] Correlating Suricata Flows to Form HTTP Sessions
Cooper F. Nelson
cnelson at ucsd.edu
Wed Sep 2 23:20:28 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Such a thing does not exist, HTTP is a stateless protocol:
> https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#HTTP_session_state
- -Coop
On 9/1/2015 7:50 PM, Vipul Hari wrote:
> Hi,
>
> I am using suricata(2.1beta4) to develop an IDP/IPS solution based on
> insights derived from a user's browsing activity.
>
> The key metrics I am looking for are:
> 1. top websites being visited
> 2. amount of time spend on each website**
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBAgAGBQJV54Q8AAoJEKIFRYQsa8FWHn4H/1pjxqTFCQgX5PJjuqmXxG4L
boAJHYgN7zYobsmpJWQwDqijyQwHjIbdhvuYrgKnlLZ50jq+JZ5R9lYatc2uRH/A
yDIerS/4xhOqwTDX4AevmCGXWCuM3S3beE/3agYCg1ag88HW8WC+7sz/gyC8dFAd
IbOIFDFlpiIYasTCW+4cZDhixfOI2w1XZ9cHLNuD7q7/8pc2Mxp7Gh0COdww8UTN
qcmnwy4T5Uve7gJo5GnBTu28NMZJJUfjE3X0sdX0DFw+Ar8Oxc5Uiy2VahceWEHq
ifDmkPgjtTDk/IH8sN3KcAVbZC+m0r5LLqLvLMQaWcLKKU6PgzzfM/dEB4IQIWw=
=BU13
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list