[Snort-users] How to review actual packets?
Sheahan, Paul (PCLN-NW)
Paul.Sheahan at ...2218...
Mon Jun 11 13:02:28 EDT 2001
I'm new to Snort and just installed my first server on Red Hat Linux 7.0. I
am trying to identify why certain machines are setting off alarms. I need to
view the actual packets that were sent by the machine so I can see what URL
they went to etc. How can I view this info in Snort? I've already looked at
our web logs and they don't contain the info I need. I need actual sniffer
Any help would be appreciated!