Network Sensor Signature Fields
Network Sensor Signatures have been modified to utilize XML configuration. The concept of Fields is mapped to XML attributes in Table A-2.

Table A-2 Signature Attributes

XML Element/Attribute    Pre-7.0 #/Name
-----------------------  ---------------------------------------------
Signature Element
  Protocol               Field 1: Protocol
  service-direction      Field 2: Direction
  traffic-direction      Field 3: Protected Networks
  port                   Field 7: Port
  name                   Field 8: Name
  dynamic-collection     Field 5: Dynamic-logic
  follow-on-sig          Field 3: Protected Networks (D Value, only)
Pattern
  offset                 Field 6: Compare Bytes
  cutoff                 Field 6: Compare Bytes
  pattern                Field 9: Search String
  alt-pattern            Field 9: Search String
  module                 Field 9: Search String
  overflow               Field 9: Search String
  matchtype              Field 4: Binary or String
  type                   Listed in dragon.sigs file.
                           Standard: abcd
                           Combo: abcd, efg
                           Negative: abcd ! (xyz, 123)
                           Overflow: abcd > 200
                           Plugin: abcd | plugin
Negative
  pattern                Field 9: Search String