Snort mailing list archives
log single packet vs reassmbled stream
From: Thomas Anderson <neo_ait () yahoo com>
Date: Sun, 3 Oct 2004 20:39:10 -0700 (PDT)
Hi all, If in a stream a packet got a alert then will the packet got logged or the stream got logged... or both of them get logged ??? If strem4 preprocessor is enabled..... What i see is that only the alerted packet is logged.... Is there any option to enable the logging of the entire reassembled packet ????? thanks in advance Thomas __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- log single packet vs reassmbled stream Thomas Anderson (Oct 03)
- Re: log single packet vs reassmbled stream Alex Butcher, ISC/ISYS (Oct 04)
- Re: log single packet vs reassmbled stream Thomas Anderson (Oct 04)
- Re: log single packet vs reassmbled stream Alex Butcher, ISC/ISYS (Oct 04)
- Re: log single packet vs reassmbled stream Jason Haar (Oct 04)
- Re: log single packet vs reassmbled stream Thomas Anderson (Oct 04)
- Re: log single packet vs reassmbled stream Alex Butcher, ISC/ISYS (Oct 05)
- Re: log single packet vs reassmbled stream Thomas Anderson (Oct 04)
- Re: log single packet vs reassmbled stream Alex Butcher, ISC/ISYS (Oct 04)