[Snort-users] newbie: tcpdump primer

Ryan Hill rhill at ...2446...
Thu Oct 18 09:22:19 EDT 2001


all,

apologies if I've missed this somewhere, but I'm trying to view a packet
dump created by snort in /var/log/snort and I've tried several options with
tcpdump but am getting the message 'bad dump format' when I try to view the
packet.  I've taken a look at the man page and tried several different
switches to no avail.

am I even looking in the right area?

thanks,

snort + linux newbie who just got snort & mysql working on rh 7.1 :)

p.s. ACID looks very interesting - and complicated.  are there any good
guides for getting the pre-requisites in place?  I've got apache installed
and working - and I think I've got PHP installed and working (not sure how
to test or configure this yet).  tips or pointers would be much appreciated.

regards,
ryan



