byte_test 연산 중 AND 연산 용법

byte_test:1,&,2,3

01010101 = “85’

…………^ Not set

byte_test:1,&,1,3

01010101 = ‘85’

………….^ Set and Match!

byte_test:1,&,128,2

01100010 = ‘98’

^ Not set

 

refrence : https://forums.snort.org/forums/rules/topics/byte_test-and-the-operator-2

Advertisements

About this entry