[Snort-users] unix socket connection with '-A unsock'

서동훈 ssimuru at ...125...
Sun Mar 15 00:41:14 EDT 2009


Hello~ all

 

I am using snort-2.8.3.2.

 

I am trying to open unix socket with '-A unsock' option.

 

so when I typed the command like this 'snort -l /var/log/snort -A fast -c ./etc/snort.conf -D', 

and then i check the state of the port using 'netstat -p | grep snort'.

 

the result is 

 

unix  2   []    DGRAM     3623073    1025/snort

 

if i typed the command like this 'snort -l /var/log/snort -A unsock -c ./etc/snort.conf -D', 

the result is

 

unix  2   []    DGRAM     3623073    1025/snort

unix  2   []    DGRAM     3623059    1025/snort

 

Is is right that the snort opend the unix socket for communicating with other program?

 

If ti's right , then how can i use the socket? 

 

Since there is no path. I have no idea how i use the unix socket...

 

Is there anyone who has some experience like this?

 

Thanks 

 

Seo

_________________________________________________________________
메신저 친구가 돈을 요구 하면, 전화 확인은 필수!
http://im.msn.co.kr/im/main/mainFaqDetail.asp?seq=96&page=1&BbsCode=bbs03&Category=03&ser_k=a&ser_v=
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20090315/dcc8b6c0/attachment.html>


More information about the Snort-users mailing list