[Snort-users] Capturing Packets on Demand
Adam_Migus at ...2706...
Tue Oct 2 11:37:01 EDT 2001
-----BEGIN PGP SIGNED MESSAGE-----
I'm sure this question has probably been asked many times before but
a quick scan of the FAQ revealed nothing so I'll ask again.
What I want to do is this:
For a given rule when the rule is triggered I want to log in tcpdump
format that packet and each subsequent packet until the connection is
terminated. If possible I'd also like it if each time the rule was
triggers it would log the binary data to separate logfiles so that
each file contained only one trace. The second part is icing on the
cake and it not essential.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
Comment: Crypto Provided by Network Associates <http://www.nai.com>
-----END PGP SIGNATURE-----
More information about the Snort-users