[Snort-users] Import data from wireshark to Snort

PR oly562 at ...11827...
Tue Sep 11 16:06:03 EDT 2012


nifty, that works. :)

On Tue, 2012-09-11 at 13:21 -0600, Lay, James wrote:
> Not sure what you mean by import Nhok, but if you have a packet
> capture you want to read, you can try, for example:
> 
>  
> 
> snort –c /etc/snort/snort.conf –r mycapturefile.pcap
> 
>  
> 
> That will read the packet capture file just like it was on the wire.
> Hope that helps.
> 
>  
> 
> James
> 
>  
> 
> From: Nhok Maruko [mailto:lieuctk32 at ...11827...] 
> Sent: Tuesday, September 11, 2012 2:29 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Import data from wireshark to Snort
> 
>  
> 
> Hi, everyone. I have some trouble with Snort. i don't know how to
> import data from wireshark to Snort, so anyone who know please help
> me?
> 
> Thanks
> 
> 
>  
> 
> 
> -- 
> Đường tuy ngắn, không đi, không đến
> Việc tuy nhỏ, không làm, không xong.
> 
> 
> 
> 
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________ Snort-users mailing list Snort-users at lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-users mailing list