[Snort-users] Just Analyzing tcpdump files according to defined rules.

waldo kitty wkitty42 at ...14940...
Thu Oct 7 11:11:38 EDT 2010


On 10/6/2010 23:12, alexandre suzuki wrote:
> I do not want snort running as a daemon,I just want it to analyze tcpdump files
> of my Internet connections,detecting intrusions etc. according to the
> established ruleset.My first attempts were not OK.
> Can someone show here the right command line options,and eventually
> any change to snort.conf? -I use snort 2.8.5.1-.

daemon mode is initiated via the command line option '-D'... if you're not using 
it, you're not in daemon mode ;)

sounds like you need to use something like the '-r' option to read pcap files...




More information about the Snort-users mailing list