Snort mailing list archives
Re: Alert messages in packet dumps
From: Edin Dizdarevic <edin.dizdarevic () interActive-Systems de>
Date: Mon, 14 Apr 2003 16:56:31 +0200
Hi,

AFAIK the fastest logging is provided by the unified plugin, not tcpdump. Use Barnyard to log to other facilities and relieve Snort that way.

Regards,
Edin

Neil Dickey wrote:
> I solved my problem, described below in my post to the list last week, by abandoning the tcpdump format output. I would have liked to use it because it is faster and more economical of space, but I never could get it to do what I wanted it to and thought it should.
>
> Best regards,
>
> Neil Dickey, Ph.D.
> Research Associate/Sysop
> Geology Department
> Northern Illinois University
> DeKalb, Illinois 60115
--
Edin Dizdarevic
Current thread:
- Alert messages in packet dumps Neil Dickey (Apr 09)
- <Possible follow-ups>
- Re: Alert messages in packet dumps Neil Dickey (Apr 14)
- Re: Alert messages in packet dumps Edin Dizdarevic (Apr 14)