Snort mailing list archives
Snort 2.1 Intrusion Detection Book - CD ROM file
From: Ibrahim Ahmed via Snort-users <snort-users () lists snort org>
Date: Fri, 29 Sep 2017 11:59:42 -0700
Hi everyone. I'm going through the book "Snort 2.1 Intrusion Detection" by Baker, Caswell, and Poor. In Chapter 4, 'Inner Workings', the authors guide the user through writing their own detection plugin. To test the plugin, they require use of the book's accompanying CD-ROM, which they state contains ".*.. a pcap file with an urg flag, with the tcp urgent pointer value of 0.*" I've looked in the CD-ROM's "*\Bin\05\libpcap-0.8.3\" *directory and its subdirectories and files and am unable to locate the string "urg" or "tcp_urg" in any of the files named "pcap". Has anyone previously been able to find such a pcap file in the CD? Is there an alternate way to create such a file with the specified 'urg flag'? Many thanks, Ibrahim
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort 2.1 Intrusion Detection Book - CD ROM file Ibrahim Ahmed via Snort-users (Sep 29)
- Re: Snort 2.1 Intrusion Detection Book - CD ROM file Al Lewis (allewi) via Snort-users (Sep 29)