Snort mailing list archives
RE: filters
From: "Hutchinson, Andrew" <andrew.hutchinson () Vanderbilt Edu>
Date: Tue, 29 Jul 2003 12:41:08 -0500
If you install tcpdump, then type 'man tcpdump', it will give you a good overview. Also, if you buy Northcutt's book "Network Intrusion Detection", it has a nice section reviewing bpf and showing how to do some useful logical bitmasking operations to find certain traffic types. HTH, Andrew Andrew Hutchinson - Network Security Vanderbilt University Medical Center (615) 936-2856 -----Original Message----- From: Scotts Email [mailto:tech4life2 () comcast net] Sent: Tuesday, July 29, 2003 12:02 PM To: snort-users () lists sourceforge net Subject: [Snort-users] filters anyone tell me where to find bpf filter options for windows and linux ? i want to get the right ones, and know how to use them properly...our class is starting ids soon using snort.. thanks, scott
Current thread:
- filters Scotts Email (Jul 29)
- Re: filters Jon Baer (Jul 29)
- <Possible follow-ups>
- RE: filters Hutchinson, Andrew (Jul 29)
- RE: filters - FAQ entry? twig les (Jul 29)
- RE: filters Gary Danko (Jul 29)
- Re: filters Phil Wood (Jul 29)