[Snort-users] packet traces to test snort

Eric Arnoth earnoth at ...5068...
Tue May 6 19:30:13 EDT 2003

On Monday 05 May 2003 13:32, snort-users-admin at lists.sourceforge.net wrote:
> Grab the the Capture the Flag traces from Defcon8/9 [0], and then use
> tcpreplay [1] to replay them.

Alternatively, you could use the -r flag on Snort to suck in the tcpdump file
and process it that way.  A very convenient option, actually.

Eric I. Arnoth    CISSP (http://www.isc2.org)        
earnoth at ...5068...                

More information about the Snort-users mailing list