[Snort-devel] resolve dns/ netbios names

Martin Roesch roesch at ...402...
Mon Jan 24 07:39:14 EST 2005


Hi John,

No there isn't, implementing name resolution would impact Snort's 
performance nagatively so we've always left it as a post-process 
function for the user.

      -Marty

On Jan 23, 2005, at 9:12 AM, John Beaudoin wrote:

> Is there an option I can invoke that when writing to the log 
> directory, it will write the directory names as the FQDN and/or 
> netbios name instead of the ipaddress. This would be handy for both 
> LAN and WAN traffic analysis.
>
>  
>
> This is the option I use now snort.exe –X –l c:\snort\log
>
>  
>
> John
>
-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Discover.  Determine.  Defend.
roesch at ...402... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org





More information about the Snort-devel mailing list