[Snort-users] Tcpdump full conversation capture

Patrick Harper patrick at ...4250...
Wed Sep 28 14:00:30 EDT 2005


-s0




 
-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Court Graham
Sent: Wednesday, September 28, 2005 3:46 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Tcpdump full conversation capture

All,
 
  I have been performing binary packet captures with tcpdump for use in a
snort signature!
 
(  tcpdump -w "file" host x.x.x.x  )
 
This string does not capture the full conversation. Does anyone know the
switch that will enable this functionality! 






More information about the Snort-users mailing list