[Snort-users] Tracing certain file requests ...

Jon Baer security at ...9153...
Mon May 12 06:50:02 EDT 2003


Could some help me here ... im trying to keep tabs on specific binary files
through Snort and would like to log when the cross the network, to write a
rule for this Im attempting to hexdump the contents of the file out but how
would the rule be setup?  Does this stuff work effectively if say I only
took the 1st 100 bytes of all traffic?

Thanks in advance.

- Jon





More information about the Snort-users mailing list