Snort mailing list archives

Snort 1.7 MySQL Question

From: <bthaler () webstream net>
Date: Fri, 10 Aug 2001 16:39:38 -0400

In the "iphdr" table of the Snort MySQL DB, Snort logs the source and
destination IP addresses as "ip_src" and "ip_dst" respectively.

Can someone please explain to me how this is encoded?  I know that the
individual octets are also recorded in separate fields, but it's much more
convenient to have the IP in a single field.

My machine knows how to decode these.  For instance, I can ping "1064298128"
from a command line.  But I'm not as smart as my machine, LOL.

Appreciate any help,
Brad T.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort 1.7 MySQL Question bthaler (Aug 10)
- Re: Snort 1.7 MySQL Question Jason (Aug 10)
- <Possible follow-ups>
- RE: Snort 1.7 MySQL Question swilcoxon (Aug 10)
- RE: Snort 1.7 MySQL Question Johnson, David (Aug 10)
  - Re: Snort 1.7 MySQL Question Mark Rowlands (Aug 10)