I just got back from Snort training in Atlanta, Georgia.

I am completely impressed with what a beautiful project that is. It is a work of art!

My most favorite features are the byte_test, byte_jump, flowbits. The first two allow you to account for variable sized fields inside of packet payloads, while flowbits allow you to track condition states across multiple packets in a stream.

My instructor, John Gay, was super in presenting the material in a clear and concise manner.

My stay in Atlanta was fun. I enjoyed a free breakfast at Embassy Suites every morning. My favorite dinner was at the Mellow Mushroom Pizza Parlor. Definitely in the top 5 pizza places in my mind. Unfortunately, they only franchise on the east coast.