Firewall Wizards mailing list archives
Re: Recording slow scans
From: Vern Paxson <vern () ee lbl gov>
Date: Fri, 23 Oct 1998 15:11:39 PDT
I did code up the changes I mentioned previously (twiddling libpcap(3) and tcpdump(8) to accept multiple filters and output the results to multiple files). When I have a few more spare cycles, I'll document the changes and submit them to the libpcap/tcpdump maintainers. I have no idea how receptive said maintainers are to unsolicited changes, so I have no idea whether or not the changes are likely to make it into future releases.
We get unsolicited changes fairly often. Whether they're incorporated
depends on how well IOHO they fit into the general design. I've been
meaning to write something similar to what you describe, but as a
separate libpcap tool rather than folding it into tcpdump. Our general
approach is to encourage separate libpcap utilities when possible, and
this one seems to fit into that.
Vern
Current thread:
- Re: Recording slow scans, (continued)
- Re: Recording slow scans Marcus J. Ranum (Oct 07)
- Re: Recording slow scans Stephen P. Berry (Oct 13)
- Re: Recording slow scans Darren Reed (Oct 14)
- Re: Recording slow scans Stephen P. Berry (Oct 23)
- Re: Recording slow scans Darren Reed (Oct 23)
- Re: Recording slow scans Darren Reed (Oct 14)
- Re: Recording slow scans Donald Martin (Oct 14)
- Re: Recording slow scans Darren Reed (Oct 16)
- Re: Recording slow scans Eric Budke (Oct 16)
- Re: Recording slow scans Matt Curtin (Oct 16)
- Re: Recording slow scans Darren Reed (Oct 16)
- Re: Recording slow scans ark (Oct 19)
- Re: Recording slow scans Vern Paxson (Oct 28)