Re: Import data from wireshark to Snort

[waldo kitty <wkitty42 () windstream net>]

On 9/11/2012 04:29, Nhok Maruko wrote:
> Hi, everyone. I have some trouble with Snort. i don't know how to import data
> from wireshark to Snort, so anyone who know please help me?

taking a eWAG (educated Wild Arsed Guess), it would seem that you have captured 
data with wireshark and you want to feed it to snort? if so, you need to save 
that data as a pcap (it may already be such) and then you feed it to snort with 
the "-r pcapfile" option on the command line with the other command line options 
necessary...

this page in the manual might help...

http://manual.snort.org/node8.html


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!