[Snort-devel] Problems with finding original data packets?
ANDREW TING ZHOU
azhou at ...2084...
Fri Jul 18 05:39:03 EDT 2003
I'm trying to read original data packets in terms of the source/target IP
in the alert file. Original data packets are not always kept in same
place, sometime in source directories and sometime in target directories.
Is there a way that I can find original data packets from the alert file?
What is the naming convention for files in source/target directories?
More information about the Snort-devel