[Snort-users] filters

Hutchinson, Andrew andrew.hutchinson at ...759...
Tue Jul 29 10:43:05 EDT 2003


If you install tcpdump, then type 'man tcpdump', it will give you a good
overview.  Also, if you buy Northcutt's book "Network Intrusion
Detection", it has a nice section reviewing bpf and showing how to do
some useful logical bitmasking operations to find certain traffic types.
 
HTH,
 
Andrew

Andrew Hutchinson - Network Security
Vanderbilt University Medical Center
(615) 936-2856


	-----Original Message-----
	From: Scotts Email [mailto:tech4life2 at ...5068...] 
	Sent: Tuesday, July 29, 2003 12:02 PM
	To: snort-users at lists.sourceforge.net
	Subject: [Snort-users] filters
	
	
	anyone tell me where to find bpf filter options for windows and
linux ?
	 
	i want to get the right ones, and know how to use them
properly...our class
	 
	is starting ids soon using snort..
	 
	 
	thanks,
	 
	scott

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030729/be546a2d/attachment.html>


More information about the Snort-users mailing list