| |||||
| |||||
Search Irongeek.com: ![]() ![]()
Help Irongeek.com pay for bandwidth and research equipment: |
The Snort team has recently released OpenAppID – the open
source implementation of application identification and control. Using this free software you can now implement these
next gen features for free! This will provide detailed statistics
about what applications are being used in your environment.
And with the Snort rules language adapting to this data you
can easily write rules to block specific applications (or significantly reduce false positives in other rules). I will show you
how to do this, as well as how to write your own application
detectors.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast