Snort mailing list archives

Tracing packets


From: Patrice.Arnal () alcatel fr
Date: Fri, 8 Mar 2002 16:35:42 +0100

Hello

In order to get the maximum info on the activity on a new machine, I
configured snort with a rule in local.rules:

log tcp any any <> xxx.xxx.xxx.xxx/32 any (logto:survey.log ; )

In the survey.log file I got only the headers, never the payload.
I get the payload in the other logfiles.

/usr/local/bin/SNORT-1.8.3/snort183 -o -i qfe1 -d -l /var/log/snort1.8.3 
-c /usr/local/bin/SNORT-1.8.3/snort.conf -D


Patrice ARNAL
ALCANET France
Site d'ILLKIRCH
1 Route du Dr Albert SCHWEITZER
67408 ILLKIRCH CEDEX
