[Snort-users] RE: how to convert tcpdump file back to its binary form

Richard Bejtlich richard_bejtlich at ...131...
Thu Nov 20 04:56:01 EST 2003


Jennifer,

Take a look at text2pcap, part of the Ethereal
distribution:

http://www.ethereal.com/text2pcap.1.html

You can read pcap files into Snort using the -r
switch.

Sincerely,

Richard Bejtlich
http://taosecurity.com

===

A file was supplied to me in tcpdump in ASCII format
and I would like to convert it back to its original
binary form.
 
Is it possible if so HOW?
 
After this file is converted to binary form can I run
it on snort and then snortsnarf??


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/




More information about the Snort-users mailing list