Snort mailing list archives
Using snort to monitor traffic
From: Frank <frank () korcett com>
Date: Mon, 30 Apr 2007 17:34:28 -0500
i have snort inline (freebsd, ipfw, postgres logging) set up on my router to watch HTTP traffic. i would like to log in such a way that i can determine the last time any IP sent HTTP. i don't want to log any content, i just need the timestamps. i would prefer not to have to inspect the content or to log every HTTP packet. does snort seem like the proper tool for this job? i was going to use squid, but that seemed like overkill as just a transparent, non-caching proxy that logs to a flat file.

thanks,
frank
Current thread:
- Using snort to monitor traffic Frank (Apr 30)
- Re: Using snort to monitor traffic Will Metcalf (Apr 30)
- Re: Using snort to monitor traffic CS Lee (May 01)
- Re: Using snort to monitor traffic Will Metcalf (Apr 30)