[Snort-users] Libpcap

Joanne Treurniet joanne_treurniet at ...125...
Thu Oct 19 13:09:15 EDT 2000

As another FYI, if you are stuck with logs that you collected on RedHat and 
wish to convert them to a useable format, ethereal (http://www.ethereal.org) 
contains a program called editcap which will do the trick.


>From: "A.L.Lambert" <alambert at ...387...>
>To: Snort-users at lists.sourceforge.net
>Subject: [Snort-users] Libpcap
>Date: Thu, 19 Oct 2000 05:30:48 -0500 (CDT)
>	Just an FYI; at some point when you're out of your "newbie stage",
>and find yourself becoming a packet-sniffing junkie, I would recommend you
>go to www.tcpdump.org, and snag and compile the latest libpcap.  The 0.4
>version for RedHat has a reputation for being quite broken.  I've never
>had any trouble with Snort+RedHat's libpcap, so you probably have no
>pressing need to upgrade at the moment, but some of the other cool tools
>you'll probably be getting into once you discover the joys of watching
>traffic on the wire (like dsniff for instance) won't function properly
>with the stock RedHat libpcap.
>	--A.L.Lambert
> > > Hi,
> > >
> > > Can anyone provide resources that will help with the installation of 
> > > on Redhat 6.1 to a Linux newbie?
> >
> > Sure!
> >
> > First, you need libpcap installed.  You can find it at
> > 

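As an added illustration (not part of the original posts, and not editcap's code), this sketch shows the kind of conversion being described. It assumes the RedHat-collected logs use the "modified" libpcap layout, with magic 0xa1b2cd34 and 8 extra bytes after each 16-byte record header; `to_standard_pcap` and the sample capture are names and data constructed for this example.

```python
import struct

STD_MAGIC = 0xA1B2C3D4  # standard libpcap magic
MOD_MAGIC = 0xA1B2CD34  # assumption: magic of the patched ("modified") format
MOD_REC_LEN = 24        # assumption: 16 standard bytes + 8 extra per record

def to_standard_pcap(data: bytes) -> bytes:
    """Rewrite a modified-format capture as standard libpcap bytes."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    for endian in ("<", ">"):  # the writer's byte order is unknown up front
        magic = struct.unpack_from(endian + "I", data)[0]
        if magic in (STD_MAGIC, MOD_MAGIC):
            break
    else:
        raise ValueError("not a libpcap capture")
    if magic == STD_MAGIC:
        return data  # already readable by stock tools
    # Keep the global header fields, swap only the magic number.
    out = bytearray(struct.pack(endian + "I", STD_MAGIC) + data[4:24])
    pos = 24
    while pos < len(data):
        if pos + MOD_REC_LEN > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl, orig = struct.unpack_from(endian + "4I", data, pos)
        pos += MOD_REC_LEN  # also skips the 8 extra bytes
        if pos + incl > len(data):
            raise ValueError("truncated packet data")
        out += struct.pack(endian + "4I", ts_sec, ts_usec, incl, orig)
        out += data[pos:pos + incl]
        pos += incl
    return bytes(out)

def sample_modified_capture() -> bytes:
    """Constructed one-packet capture in the assumed modified layout."""
    hdr = struct.pack("<IHHiIII", MOD_MAGIC, 2, 4, 0, 0, 65535, 1)
    pkt = b"\xde\xad\xbe\xef"
    rec = struct.pack("<4IIHBB", 971975355, 0, len(pkt), len(pkt), 2, 0x0800, 0, 0)
    return hdr + rec + pkt

if __name__ == "__main__":
    fixed = to_standard_pcap(sample_modified_capture())
    print(len(fixed), fixed[:4].hex())
```
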