Snort mailing list archives

RE: how to convert tcpdump file back to its binary form

From: Richard Bejtlich <richard_bejtlich () yahoo com>
Date: Thu, 20 Nov 2003 04:54:16 -0800 (PST)

Jennifer,

Take a look at text2pcap, part of the Ethereal
distribution:

http://www.ethereal.com/text2pcap.1.html

You can read pcap files into Snort using the -r
switch.

Sincerely,

Richard Bejtlich
http://taosecurity.com

===

A file was supplied to me in tcpdump in ASCII format
and I would like to convert it back to its original
binary form.
 
Is it possible if so HOW?
 
After this file is converted to binary form can I run
it on snort and then snortsnarf??


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

how to convert tcpdump file back to its binary form Sarah Bassram (Nov 19)
- <Possible follow-ups>
- RE: how to convert tcpdump file back to its binary form Richard Bejtlich (Nov 20)