[Snort-users] Help? Broken binary(-b) snort-log (pcap_loop: bogus savefile header)
Chr. v. Stuckrad
stucki at ...3882...
Mon Oct 22 05:38:02 EDT 2001
Does somebody know, what I can do to 'repair' or 'analyse'
a snort-logfile created by logging in binary format, on which
tcpdump and snort complain about an 'pcap_loop: bogus savefile header'.
I can only read the first few packages, then both programs abort.
But I would definitely need to find a few more packages because
of an shellcode-alert last weekend...
Any Ideas how to edit/analyse/error-ignore/... ???
Thanks, Stucki (new to the list :-)
Christoph von Stuckrad * * | nickname | <stucki at ...3882...> \
Freie Universitaet Berlin |/_* | 'stucki' | Tel(days):+49 30 838-75 459 |
Fachbereich Mathematik, EDV |\ * | if online | Tel(else):+49 30 77 39 6600 |
Arnimallee 2-6/14195 Berlin * * | on IRCnet | Fax(alle):+49 30 838-75454 /
More information about the Snort-users