Snort mailing list archives

Re: Regarding snort3 application detection

From: "Costas Kleopa \(ckleopa\) via Snort-devel" <snort-devel () lists snort org>
Date: Thu, 30 Jan 2025 17:04:43 +0000

Can you provide some logs on the output of the applications running during that version with Chrome so we can compare? 
I am assuming this has something to do with QUIC traffic.

From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Dinesh via Snort-devel <snort-devel () lists 
snort org>
Date: Thursday, January 30, 2025 at 9:13 AM
To: snort-devel () lists snort org <snort-devel () lists snort org>
Subject: [Snort-devel] Regarding snort3 application detection
Hi,

     I am running snort-3.1.81 version for application detection. When i
am browsing the internet traffic with older version of chrome it is
detecting the applications correctly and with newer version of chrome
browser i am not able to detect  the applications the way it is
detecting with older versions.

     Is there anything to do with newer version of chrome browser ?

     I am using the command as below

     snort -c /etc/snort/snort.lua -i eth0 -l /var/log/snort -s 65535 -D
-k none -q --create-pidfile

     Can someone help me on this to identify the issue.


Thanks,
Dinesh

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Regarding snort3 application detection Dinesh via Snort-devel (Jan 30)
- Re: Regarding snort3 application detection Costas Kleopa (ckleopa) via Snort-devel (Jan 30)