Snort mailing list archives
Re: How to debugging on Snort?
From: "Joel Esler \(jesler\) via Snort-devel" <snort-devel () lists snort org>
Date: Fri, 18 May 2018 15:13:19 +0000
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-devel Thanks! On May 18, 2018, at 1:38 AM, James via Snort-devel <snort-devel () lists snort org<mailto:snort-devel () lists snort org>> wrote: Please unsubscribe On Fri, 18 May 2018 at 05:17 Al Lewis (allewi) via Snort-devel <snort-devel () lists snort org<mailto:snort-devel () lists snort org>> wrote: Hello, To debug… use GDB. https://www.gnu.org/software/gdb/ Albert Lewis ENGINEER.SOFTWARE ENGINEERING Cisco Systems Inc. Email: allewi () cisco com<mailto:allewi () cisco com> From: Snort-devel <snort-devel-bounces () lists snort org<mailto:snort-devel-bounces () lists snort org>> on behalf of İzzettin Erdem via Snort-devel <snort-devel () lists snort org<mailto:snort-devel () lists snort org>> Reply-To: İzzettin Erdem <root.mch () gmail com<mailto:root.mch () gmail com>> Date: Thursday, May 17, 2018 at 10:11 PM To: "snort-devel () lists snort org<mailto:snort-devel () lists snort org>" <snort-devel () lists snort org<mailto:snort-devel () lists snort org>> Subject: [Snort-devel] How to debugging on Snort? Hello Everyone , I want to debug Snort but I didn't find something help me. Actually I want to learn that: Packets come in to network and Snort catches them. After that, Snort checks packets by rules. How can I see what Snort checks at a time and output of this check process? Example check process for packet P1; Searching for : content:"sa" offset:5 depth:10 output -> found or 1 continue to check packet p1: content: "|02|" offset: 33 depth: 45 . . . output -> not found or 0 _______________________________________________ Snort-devel mailing list Snort-devel () lists snort org<mailto:Snort-devel () lists snort org> https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort! _______________________________________________ Snort-devel mailing list Snort-devel () lists snort org<mailto:Snort-devel () lists snort org> https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- How to debugging on Snort? İzzettin Erdem via Snort-devel (May 17)
- Re: How to debugging on Snort? Al Lewis (allewi) via Snort-devel (May 17)
- Re: How to debugging on Snort? James via Snort-devel (May 17)
- Re: How to debugging on Snort? Joel Esler (jesler) via Snort-devel (May 18)
- Re: How to debugging on Snort? James via Snort-devel (May 17)
- Re: How to debugging on Snort? Russ via Snort-devel (May 17)
- Re: How to debugging on Snort? Al Lewis (allewi) via Snort-devel (May 17)