Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Help? Broken binary(-b) snort-log (pcap_loop: bogus savefile header)

From: "Chr. v. Stuckrad" <stucki () math fu-berlin de>
Date: Mon, 22 Oct 2001 14:37:18 +0200
Hi!

Does somebody know, what I can do to 'repair' or 'analyse'
a snort-logfile created by logging in binary format, on which
tcpdump and snort complain about an 'pcap_loop: bogus savefile header'.

I can only read the first few packages, then both programs abort.
But I would definitely need to find a few more packages because
of an shellcode-alert last weekend...

Any Ideas how to edit/analyse/error-ignore/... ???


Thanks,     Stucki (new to the list :-)

-- 
Christoph von Stuckrad       * *  | nickname  | <stucki () math fu-berlin de> \
Freie Universitaet Berlin    |/_* | 'stucki'  | Tel(days):+49 30 838-75 459 |
Fachbereich Mathematik, EDV  |\ * | if online | Tel(else):+49 30 77 39 6600 |
Arnimallee 2-6/14195 Berlin  * *  | on IRCnet | Fax(alle):+49 30 838-75454 /

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: