Snort mailing list archives
Re: Including a MAC address
From: Edin Dizdarevic <edin.dizdarevic () interActive-Systems de>
Date: Thu, 21 Aug 2003 17:31:21 +0200
Hi, Do you mean in order to show it in ACID or in the alert file? For the latter case try the "-e" switch. A short look to the mysql tables shows me no link layer infos, so I suppose this is not working (yet with ACID/MySQL). Regards, Edin Jade E. Deane wrote:
Does anyone know a way to include the source and destination MAC address in an alert? Regards, Jade
-- Edin Dizdarevic ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Updating snort mysql tables for new signatures JJ (Aug 20)
- RE: Updating snort mysql tables for new signatures Jeff Dell (Aug 20)
- Including a MAC address Jade E. Deane (Aug 21)
- Re: Including a MAC address Edin Dizdarevic (Aug 22)
- Including a MAC address Jade E. Deane (Aug 21)
- <Possible follow-ups>
- RE: Updating snort mysql tables for new signatures JJ (Aug 21)
- RE: Updating snort mysql tables for new signatures Erek Adams (Aug 22)
- RE: Updating snort mysql tables for new signatures Jade E. Deane (Aug 23)
- RE: Updating snort mysql tables for new signatures Jeff Dell (Aug 20)