[Snort-users] Capturing Packets on Demand

Migus, Adam Adam_Migus at ...2706...
Tue Oct 2 11:37:01 EDT 2001


Folks,
I'm sure this question has probably been asked many times before, but
a quick scan of the FAQ revealed nothing, so I'll ask again.
What I want to do is this:
For a given rule, when the rule is triggered I want to log in tcpdump
format that packet and each subsequent packet until the connection is
terminated.  If possible, I'd also like it if each time the rule was
triggered it would log the binary data to separate logfiles so that
each file contained only one trace.  The second part is icing on the
cake and is not essential.

Thanks,
Adam

