[Snort-users] Dumping Other.

Scott A. McIntyre scott at ...1050...
Fri Jan 12 03:23:46 EST 2001


Hi.

Is there a way to get snort to dump "other" protocols that it doesn't
quite understand, but can at least get a certain amount of information
about?  For example, from tcpdump I get:

09:21:13.635613 802.1d config 8000.00:xx:xx:xx:09:00.801c root 8000.00:xx:xx:xx:09:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 
09:21:15.638308 802.1d config 8000.00:xx:xx:xx:09:00.801c root 8000.00:xx:xx:xx:09:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 

At regular intervals, however, snort only logs it as "other" without
getting more details.  

Thanks,

Scott







More information about the Snort-users mailing list