[Snort-users] ethereal 0.9.8 can't read tcpdump.log.XXXX

Christian Bock Christian.Bock at ...7944...
Thu Jan 9 04:03:04 EST 2003


ethereal says that the tcpdump.file is in no format it can understand,
but tcpdump can read it. When "converting" the file with tcpdump,
( read it and write to another file ) ethereal can understand that file.
Are there known troubles concerning this?
Another question is how to safe the dumpfile, because for some 
reason the file is deleted when snort is stopped. ( is that the "normal"
behaviour ? ) ... I would like to keep and analyze that file even when
snort is stopped for some reason




More information about the Snort-users mailing list