[Snort-users] Alerts of format TCP:1297-23

Bobby, Paul paul.bobby at ...178...
Tue Aug 1 10:26:20 EDT 2000


How do I generate these alerts such that snortsnarf can work with them?

I managed to do this once accidently, but now can't seem to do it.

my command line is

snort -de -A full -l /vol01/snort/log -h xxx.0/24 -c snort-lib -D

regardless of the -l parameter, snort still creates snort.alert in /var/log,
however the binary log files are put into the -l parameter directory.

But no log files like TCP:1297-23 style

Paul Bobby
-----------------
<dream> Got Root? </dream>






More information about the Snort-users mailing list