Snort mailing list archives
Re: disable spp_portscan2
From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Tue, 18 Mar 2003 11:04:44 -0600 (CST)
On Tue, 18 Mar 2003, Xue Wu wrote:
I was trying to run with tcpdump data snort -A fast -l /log -c /etc/snort/snort.conf -r tcpdump isn't this right?
Uhh, no. You are trying to use two mutually exclusive modes. The -r option is tripping you up, remove it and do this instead: snort -A fast -l /log -c /etc/snort/snort.conf The -r option is for replaying a log file. # snort -r /var/log/snort.log.1234 You may also want to use the -b option in your first command to log in tcpdump format. --------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com ------------------------------------------------------- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- disable spp_portscan2 Xue Wu (Mar 17)
- Re: disable spp_portscan2 Erek Adams (Mar 17)
- Re: disable spp_portscan2 John Sage (Mar 18)
- Re: disable spp_portscan2 Xue Wu (Mar 18)
- Re: disable spp_portscan2 Erek Adams (Mar 18)
- Re: disable spp_portscan2 Xue Wu (Mar 18)
- Re: disable spp_portscan2 Erek Adams (Mar 18)
- Re: disable spp_portscan2 Xue Wu (Mar 18)
- Re: disable spp_portscan2 Erek Adams (Mar 18)
- Re: disable spp_portscan2 Xue Wu (Mar 18)
- Re: disable spp_portscan2 Demetri Mouratis (Mar 18)
- Re: disable spp_portscan2 Erek Adams (Mar 18)
- Re: disable spp_portscan2 John Sage (Mar 18)
- Re: disable spp_portscan2 Erek Adams (Mar 18)
- <Possible follow-ups>
- RE: disable spp_portscan2 L. Christopher Luther (Mar 18)