[Snort-users] Snort and Unix-Socket

Phil Wood cpw at ...440...
Wed Nov 21 18:03:02 EST 2001


On Thu, Nov 22, 2001 at 06:55:09AM +0700, Fyodor wrote:
> > But after some tests and "googles" I think the plugin never send any data to

I actually got this to work, but to make it work in a general way I modified
snort.  Don't think my changes ever made it in.  The change just allowed
me to specify the file to use rather than the hard coded one in snort source.

But, assuming snort is doing the correct client thing, here is code that
dumped out the alerts (as proof of concept):

-- 
Phil Wood, cpw at ...440...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: unixsockd.c
Type: text/x-csrc
Size: 1915 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20011121/5001779a/attachment.c>


More information about the Snort-users mailing list