Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Just Analyzing tcpdump files according to defined rules.

From: waldo kitty <wkitty42 () windstream net>
Date: Thu, 07 Oct 2010 11:11:38 -0400
On 10/6/2010 23:12, alexandre suzuki wrote:

I do not want snort running as a daemon,I just want it to analyze tcpdump files
of my Internet connections,detecting intrusions etc. according to the
established ruleset.My first attempts were not OK.
Can someone show here the right command line options,and eventually
any change to snort.conf? -I use snort 2.8.5.1-.


daemon mode is initiated via the command line option '-D'... if you're not using 
it, you're not in daemon mode ;)

sounds like you need to use something like the '-r' option to read pcap files...

------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1,  ECMAScript5, and DOM L2 & L3.
Spend less time writing and  rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: