Feature #2713
closed
protocol detection w/o protocol parsing
Added by Victor Julien over 6 years ago.
Updated over 1 year ago.
Description
At the Suricon2018 it was requested to add better support for detection of protocols w/o implementing full parsers.
Pierre, could you fill in more details of what you have in mind?
- Related to Task #2685: SuriCon 2018 brainstorm added
Are there specific protocols in mind ?
What is the use case ?
We have to watch for evasions to use this in a rules context...
- Related to Task #2757: improve protocol detection added
- Status changed from Feedback to Closed
Closing as stale, feel free to reopen if tou have specific protocols in mind Pierre
Also available in: Atom
PDF