Snort mailing list archives

Previous By Date Next
Previous By Thread Next

packet crafting detection

From: "skop ganu" <skop () visto com>
Date: Thu, 11 Oct 2001 04:24:01 -0700
hi all
imho - this is where tcpdump command comes handly.
when i run snort to read this tcpdump file - nothing is detected BUT when i do tcpdump -r filename -vv - yet i can see 
that there is a few packet with same IP Id and this is with DF set. 
as far as i know IP Id should be change for each connection with DF set.
can anyone correct me ?
-skop ganu
___________________________________________________________________________
Visit http://www.visto.com.
Find out  how companies are linking mobile users to the 
enterprise with Visto.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: