[Snort-users] Secure - NSLOOKUP

Dave Ryan dave at ...1192...
Mon Jan 29 10:08:07 EST 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> <advocate mode="Devil">
> 
> It would be nice, at times, during a snort replay (-r) to have DNS
> enabled for the sake of visual/mental convenience.
> 
> </advocate>

*cough* tcpdump -r <some_file_that_snort_logged_in_binary_format_too_using_the_output_tcpdump_processor> *cough*

hey presto, hostnames are resolved.


Dave.

- -- 
Dave Ryan 				Default Security
http://www.default.org.uk/~dave		dave at ...1192...

GnuPG Key:      http://www.default.org.uk/~dave/gpgkey.asc
Fingerprint:    F418 C882 FF03 82A0 A99A  2720 669C E8C3 44B8 2A0F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (OpenBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6dYdVZpzow0S4Kg8RAiCVAJ9Eu5h30264MPwAaYEShfTKILVQcgCfQ8N4
VnZoXCpQHX633eWzn/o0q6U=
=Qx7s
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list