[Bro] Signature framework questions, endianess and bitwise operations
James Feister
openjaf at gmail.com
Thu Jul 24 15:03:51 PDT 2014
On Thu, Jul 24, 2014 at 4:00 PM, Siwek, Jon <jsiwek at illinois.edu> wrote:
> analyzer::Manager::BuildInitialAnalyzerTree() is what that the
documentation should say for newer versions. Another way maybe you can do
what you want without changing source code directly is to make a payload
regex that matches everything and enables the analyzer you are writing.
Thanks for the guidance. Will give that a go.
Jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140724/ccd21c2f/attachment.html
More information about the Bro
mailing list