Snort mailing list archives
Re: Just Analyzing tcpdump files according to defined rules.
From: Marcos Rodriguez <marcos.e.rodriguez () gmail com>
Date: Thu, 7 Oct 2010 07:21:21 -0400
Just thought I'd throw this into the mix:

    snort --pcap-filter=*.pcap --pcap-dir=/path/to/pcaps/

- Helpful if you'd like to run an entire directory of pcaps. Also, snort -h will show you other tricks, such as reading a list of pcaps from a file and processing those.

And, yes, drink up!!!!! :o)

On Thu, Oct 7, 2010 at 1:52 AM, Nerijus Krukauskas <nkrukauskas () gmail com> wrote:
> On Thu, October 7, 2010 06:12, alexandre suzuki wrote:
>> I do not want snort running as a daemon, I just want it to analyze
>> tcpdump files of my Internet connections, detecting intrusions etc.
>> according to the established ruleset. My first attempts were not OK.
>> Can someone show here the right command line options, and eventually
>> any change to snort.conf? -I use snort 2.8.5.1-.
>
> Aren't people reading the manuals or using search these days anymore?
> Now go to http://blog.joelesler.net/the-snort-drinking-game and take
> your penalty.
>
> --
> http://nk99.org/
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
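Added example, not part of the original thread: one way to script the "list of pcaps from a file" variant mentioned above, so Snort runs once in read mode (not as a daemon) against an existing ruleset. The function names, the usage paths and the magic-number pre-check are assumptions added here; the Snort options used are -c, -l, -A fast, --pcap-file, --pcap-reset and --pcap-show.

```shell
#!/bin/sh
# Added example (not from the thread). Function names and paths are assumptions.

# True if the first 4 bytes are a classic libpcap magic number (either byte order).
is_pcap() {
    case "$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')" in
        d4c3b2a1|a1b2c3d4) return 0 ;;
        *) return 1 ;;
    esac
}

# Write one usable capture per line to list file $2; print how many were kept.
# Empty or non-pcap files are skipped with a message on stderr.
build_pcap_list() {  # $1 = capture dir, $2 = list file to write
    : > "$2"
    find "$1" -type f -name '*.pcap' | sort | while IFS= read -r f; do
        if is_pcap "$f"; then
            printf '%s\n' "$f" >> "$2"
        else
            echo "skipping (not a pcap): $f" >&2
        fi
    done
    wc -l < "$2" | tr -d ' '
}

# Run Snort once over the list, resetting its state between captures.
analyze_pcaps() {  # $1 = snort.conf, $2 = capture dir, $3 = log dir
    list=$(mktemp) || return 1
    n=$(build_pcap_list "$2" "$list")
    if [ "$n" -eq 0 ]; then
        echo "no usable captures in $2" >&2
        rm -f "$list"
        return 1
    fi
    mkdir -p "$3"
    snort -c "$1" -l "$3" -A fast --pcap-file="$list" --pcap-reset --pcap-show
    rc=$?
    rm -f "$list"
    return "$rc"
}

# Usage: sh analyze_pcaps.sh /etc/snort/snort.conf /path/to/pcaps ./snort-logs
if [ "$#" -eq 3 ]; then analyze_pcaps "$@"; fi
```

With -A fast the alerts land in the "alert" file under the chosen log directory; --pcap-reset keeps stream and flow state from one capture from carrying over into the next.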