[Snort-devel] Build a packet from mysql
elof at ...969...
Tue May 6 05:54:04 EDT 2003
Is it possible to rebuild a complete packet from the contents logged to
sql? I'm not satisfied with the decode made by ACID, so I want to rebuild
the packet and pass it through an network analyzer like ethereal.
Is this possible and easily done?
A quick look at the database design tell me that the packet is split into
different pieces and placed in different tables.
More information about the Snort-devel