TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Hi everybody! I am currently evaluating RealSecure Network Sensor 6.5 and spent some time trying to create custom signatures. Can somebody please give me an example on howto achieve that, e.g. creating a signature that looks for packets with the following specs: IP: DF set TCP: PSH, ACK Set Payload string: "Foo" within offset n bytes from Payload begin and a search depth of m bytes. Another issue: Is there any feature that allows me looking into captured packets from within the RealSecure Console similar to ethereal? I would like to drill down from the event message into more detailed packet data, such as Header Flags, sequence numbers and so forth. I am also missing some functionality within the Console that is similar to ACID. As you might notice, I am a snortuser ;) Thanks for your help! Greetings, D. Liesen -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
