[Snort-users] whether wireshark can be integrated with snort??

Nigel Houghton nhoughton at ...1935...
Mon May 25 10:59:37 EDT 2009


On Mon, May 25, 2009 at 7:20 AM, Sadanand Ghagare <sadanandgh at ...11827...> wrote:
> Hi Nigel,
>
> Wireshark box has been used by sys-admin and that directly connected to
> mirrored port. They use that box to monitor traffic.
> I am totally unaware about whether they dump the data or they use it in real
> time.
> But to make snort working I can ask them to do it.

I think you really need to find out what they are doing with wireshark
first. I also think you might find that snort needs to replace that
wireshark instance if they are really monitoring network traffic.

-- 
Nigel Houghton
Head Mentalist
SF VRT
http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/




More information about the Snort-users mailing list