Hi,
i use fingerprintls to listen on an interface or pcap file.
In this cases the tcp and udp stream is examined.
When i write it to a json file and convert it with
fingerprintout.py to an IDS pattern there is only an
"alert tcp" left. What happened with UDP in the IDS case?
Something missing?
Or have i myself to double the IDS pattern to match also UDP?
Regards Torsten
Hi, i use fingerprintls to listen on an interface or pcap file. In this cases the tcp and udp stream is examined. When i write it to a json file and convert it with fingerprintout.py to an IDS pattern there is only an "alert tcp" left. What happened with UDP in the IDS case? Something missing? Or have i myself to double the IDS pattern to match also UDP? Regards Torsten