[Snort-users] Is that ok to use tcpdump 4.0 for snort on Centos 6.5

waldo kitty wkitty42 at ...14940...
Mon Jul 21 16:37:51 EDT 2014


On 7/21/2014 10:33 AM, Jutichai Thongkrachai wrote:
> Hello,
>
> I am newbie for Snort. I set up Snort 2.9.6 as  this guide for CentOS:
> https://www.snort.org/documents/4
>
> In this guide,William said Snort require tcpdump 4.1+ but the latest update of
> tcpdump is 4.0.0.3 for CentOS 6.5.
>
>
> Is that ok to use tcpdump 4.0 for Snort 2.9.6?

you need to be more specific... AFAIK, tcpdump is an external tool used to 
capture and read pcap files... what is your use of tcpdump with snort? i looked 
at the referenced document and see only where they mention that you can use it 
to read the snort.log.xxxxxxxxxxxxxx pcap files... outside of that, it is not 
required...

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.




More information about the Snort-users mailing list