Snort 2.1 Intrusion Detection Book - CD ROM file

[Ibrahim Ahmed via Snort-users <snort-users () lists snort org>]

Hi everyone.

I'm going through the book "Snort 2.1 Intrusion Detection" by Baker,
Caswell, and Poor.

In Chapter 4, 'Inner Workings', the authors guide the user through writing
their own detection plugin. To test the plugin, they require use of the
book's accompanying CD-ROM, which they state contains ".*.. a pcap file
with an urg flag, with the tcp urgent pointer value of 0.*"

I've looked in the CD-ROM's "*\Bin\05\libpcap-0.8.3\" *directory and its
subdirectories and files and am unable to locate the string "urg" or
"tcp_urg" in any of the files named "pcap".

Has anyone previously been able to find such a pcap file in the CD? Is
there an alternate way to create such a file with the specified 'urg flag'?

Many thanks,
Ibrahim

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!