Security Basics mailing list archives

Slickest way to capture all packets inbound and outbound for a specific IP address, or range?


From: "Mark G. Spencer" <mspencer () evidentdata com>
Date: Fri, 5 Sep 2003 08:51:35 -0700

I'm curious what the best way would be to capture all packets inbound or
outbound for a specific IP address or range of IP addresses. The
scenario would be this:

I suspect an IP address of being involved in an intrusion into an
application on my network.  The relevant system has been patched, but I
would still like to capture the full packets for any inbound and outbound
activity for that IP address on a machine outside of my firewall.

Would Snort be a good way to do this, or is there a quicker/slimmer
solution?

Thanks!

Mark
 

