Ravi Chunduru wrote: > perspective to change parameters in existing .so rules. There should > be some solution like web application firewalls do - deep packet > inspection and protocol parsing.
Please, don't bash snort for the point of bashing it. "Deep packet inspection" and "protocol parsing" are things that snort and its plugins already do. Point out specific flaws or suspected flaws (as Damiano did), and not marketing labels. SZ
