[Snortsam-discussion] Snortsam plugin compile problems w/Snort 2.8.4
Frank Knobbe
frank at snortsam.net
Fri Apr 24 17:37:10 EDT 2009
On Fri, 2009-04-24 at 15:39 -0400, Matt Jonkman wrote:
> I fully agree. We should concentrate efforts on a barnyard2 patch.
> Possibly even get the original authors to integrate it. I'll try
> reaching out to them.
I already contacted firnsy (<firnsy at securixlive.com>) about that.
He said:
"That would be great. You can obtain the codebase from
www.securixlive.com/barnyard2
"
Go for it. But don't just use the BY1 plugin. You can use it as a
reference, but I would certainly implement the enhancements of
persistent connections. Should be too hard to rip that from the
forwarder plugin and update BY2 with that. It would also be nice to
update the Snort plugin with the newer packet version (15). However, it
takes a bit of work. Use the forwarder plugin as an example.
I'll likely be another month before I can take a look at that, so give
it a shot yourself.
Regards,
Frank
More information about the Snortsam-discussion
mailing list