[Snort-users] Log all traffic?

Mark.Schutzmann at ...10438... Mark.Schutzmann at ...10438...
Wed Nov 5 15:53:03 EST 2003


"log tcp any any -> any any" and "log udp any any -> any any" are the most
basic... (pg. 157 of Syngress, Snort 2.0 Intrusion Detection) I would be
interested in the front end/query that you're using.

Regards,
Mark


                                                                                                                                                  
nick travis <linuxnews at ...7917...>
Sent by: snort-users-admin at ...4626...ceforge.net
11/05/2003 02:47 PM

To: snort-users at lists.sourceforge.net
cc:
Subject: [Snort-users] Log all traffic?
                                                                                                                                                  
                                                                                                                                                  






Is there a rule for snort to log all network traffic.  I need to dump it
all into a database and query it for bandwidth usage by certain hosts.

Nick
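
An added example, not part of either message: one way to get per-host byte counts from packets captured by the log rules quoted above, assuming Snort wrote them in its binary (tcpdump/libpcap) log format instead of to a database. The function names and the three-packet sample capture are constructed for illustration.

```python
import io
import socket
import struct
from collections import defaultdict

def bytes_per_host(stream):
    """Return {ip: [bytes_sent, bytes_received]} from a classic libpcap stream."""
    header = stream.read(24)
    magic = struct.unpack("<I", header[:4])[0] if len(header) == 24 else None
    if magic == 0xA1B2C3D4:
        endian = "<"   # written on a little-endian host
    elif magic == 0xD4C3B2A1:
        endian = ">"   # written on a big-endian host
    else:
        raise ValueError("not a classic libpcap capture")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    usage = defaultdict(lambda: [0, 0])
    while True:
        rec = stream.read(16)
        if len(rec) < 16:
            break
        _sec, _usec, incl_len, orig_len = struct.unpack(endian + "IIII", rec)
        frame = stream.read(incl_len)
        if len(frame) < incl_len:
            break  # truncated final record
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4 directly over Ethernet (ARP, VLAN, IPv6, ...)
        usage[socket.inet_ntoa(frame[26:30])][0] += orig_len  # sender
        usage[socket.inet_ntoa(frame[30:34])][1] += orig_len  # receiver
    return dict(usage)

def build_frame(src, dst, proto, payload_len):
    """Constructed test frame: zeroed MACs, minimal IPv4 header, zero payload."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                     proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def sample_pcap():
    """Constructed three-packet capture (not real traffic)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    flows = [("10.0.0.5", "10.0.0.9", 6, 100), ("10.0.0.9", "10.0.0.5", 6, 1000),
             ("10.0.0.5", "192.0.2.1", 17, 50)]
    for src, dst, proto, n in flows:
        frame = build_frame(src, dst, proto, n)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for host, (sent, recv) in sorted(bytes_per_host(io.BytesIO(sample_pcap())).items()):
        print(f"{host:15} sent={sent:6} received={recv:6}")
```

Counts use each record's original on-the-wire length, so they stay correct even when the capture was taken with a short snaplen.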


