Detection Plugins
- What is a detection plugin and what can it do?
- What detection plugins are currently available
- About each plugin
- What plugins are planned/under development
What is a detection plugin and what can it do?
Detection plugins can be considered the heart and soul of snort. They are
were a lot of the work is done in the detection engine. The detection engine
can be split into two pieces. The first part is the andress/port matching
engine. This compare the source and destination address/port pairs against
those defined for the various rules. This part of the engine
Copyright 2000 Andrew R. Baker