16Ara
How to detect a malware which is fragmented across multiple packets
How can we detect a malware which is fragmented across many packets , do we have to do some prefix /suffix matching kind of approach? Does tools like snort,Suricata support this ?