[Snort-devel] TCPDUMP - logging traffic from an attacker
rwagner at ...1225...
Wed Mar 27 09:53:09 EST 2002
It appears that this needs to be done on a per rule basis. Thanks for the
From: Chris Green [mailto:cmg at ...402...]
Sent: Wednesday, March 27, 2002 10:52 AM
To: Robert Wagner
Cc: 'snort-devel at lists.sourceforge.net'
Subject: Re: [Snort-devel] TCPDUMP - logging traffic from an attacker
Robert Wagner <rwagner at ...1225...> writes:
> 1) An "output TCP_DUMP Count# Time#" That would append the log generated
> by snort for the attacker with the next Count# packets or packets to or
> the attacker in Time# seconds
> Please let me know your thoughts
> Thanks in advance for any assistance
You'll be happy to know that already exists.
Check out tag in section 2.3.31 of the manual.
Chris Green <cmg at ...402...>
This is my signature. There are many like it but this one is mine.
More information about the Snort-devel