Saturday, April 02, 2005

To-do List

Victor and I decided to create this list, we always think of cool crap we want to do with snort-inline and then forget about it. If anybody wants to contribute code, feel free.

  1. Rewrite InlineReject() to use libdnet, we are doing this because this is what flexresp2 uses.(done)
  2. Rewrite ip_queue to reduce context switching by sending multiple netlink messages in a single buffer to userspace.(NFQUEUE supports this we need to see if we can integrate)
  3. Write stream4inline state table to disk when it receives a kill signal, this we can survive a application restart and our active tcp connections are not severed. (Ummm this is Victors baby maybe he will finish this before he proproses to his girlfriend. Which means it might never happen.)
  4. Write a SSL decryption plugin based on ssldump.(Umm mod_security+mod_proxy+mod_rewrite accomplishes this, don't know if we will look at it again)
  5. Revamp fnord preprocessor to detect NOP sleds.(what were we thinking.... I don't think so)
  6. Add option to snort-inline to send resets in both directions.

posted by Will Metcalf @ 12:13 PM   4 comments

Tuesday, March 22, 2005

Hello World

Oink Oink

posted by Will Metcalf @ 7:28 PM   0 comments