[Snort-devel] TCPDUMP - logging traffic from an attacker

Chris Green cmg at ...402...
Wed Mar 27 08:52:03 EST 2002


Robert Wagner <rwagner at ...1225...> writes:

> 1)  An "output TCP_DUMP Count# Time#"  That would append the log generated
> by snort for the attacker with the next Count# packets or packets to or from
> the attacker in Time# seconds

> Please let me know your thoughts
> Thanks in advance for any assistance

You'll be happy to know that already exists.

Check out tag in section 2.3.31 of the manual.
-- 
Chris Green <cmg at ...402...>
This is my signature. There are many like it but this one is mine.





More information about the Snort-devel mailing list