[Snort-users] Just Analyzing tcpdump files according to defined rules.
wkitty42 at ...14940...
Thu Oct 7 11:11:38 EDT 2010
On 10/6/2010 23:12, alexandre suzuki wrote:
> I do not want snort running as a daemon,I just want it to analyze tcpdump files
> of my Internet connections,detecting intrusions etc. according to the
> established ruleset.My first attempts were not OK.
> Can someone show here the right command line options,and eventually
> any change to snort.conf? -I use snort 220.127.116.11-.
daemon mode is initiated via the command line option '-D'... if you're not using
it, you're not in daemon mode ;)
sounds like you need to use something like the '-r' option to read pcap files...
More information about the Snort-users