[Snort-users] tcp/510 probe

Vitaly McLain twistah at ...93...
Tue Nov 28 21:39:13 EST 2000


Snort itself is a great sniffer. Try running `snort -dv` and try it out.

The _best_ software for "playing with packets" (as in capturing and
analyzing them) is called Ethereal and it's completely freeware and
open-source. Grab a copy from www.Ethereal.com.

As for books, there are a couple of good ones that concern various protocols. I
can't remember them off the top of my head; I think one is called "TCP/IP
Illustrated", but I could be confusing titles. Check www.BookPool.com, they
usually have pretty good deals.

Vitaly McLain
twistah at ...93...
twistah @ OPN & EfNet
"If you don't turn on to politics, politics will turn on you."
       - Ralph Nader



