[Snort-users] Barnyard2/Base MAC Address from PCAP

Gordon Wallum gordon_wallum at otowfl.com
Wed Jan 3 09:18:15 EST 2018


Looking to pull layer 2 information from Barnyard2/BASE PCAP file

The mac addresses are just showing as fake place holders: de:ad:ca:fe:ba:be and 11:22:33:44:55:66

Anyway to capture this information form base without having to go into the unified2 log?


Thank you,



[cid:image002.png at 01CF8FC6.440C3120]

Gordon Wallum



Network Security Administrator
Information Technology Department



On Top of the World Communities & Related Entities
P 352.873.0848 x.7412   F 352.861.9569
9860 SW 84 Court, Suite D, Ocala, FL 34481
OnTopoftheWorld.com<http://www.ontopoftheworld.com/>




[cid:image003.png at 01CF8FC6.14F91B00]<http://www.facebook.com/pages/Ocala-FL/On-Top-of-the-World-Communities-Ocala-FL/170476803860?v=app_4949752878>[cid:image005.png at 01CF8FC6.440C3120]<http://twitter.com/otowfl>[cid:image007.png at 01CF8FC6.440C3120]<http://www.youtube.com/ontopoftheworld2007> [cid:image009.png at 01CF8FC6.440C3120] <http://ontopoftheworldocala.blogspot.com/>

P Please consider the environment before printing this e-mail or other documents.

The contents of this e-mail message and any attachments are confidential and are intended solely for addressee. The information may also be legally privileged. This transmission is sent in trust, for the sole purpose of delivery to the intended recipient. If you have received this transmission in error, any use, reproduction or dissemination of this transmission is strictly prohibited. If you are not the intended recipient, please immediately notify the sender by reply e-mail or phone and delete this message and its attachments, if any.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 10549 bytes
Desc: image001.png
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 308 bytes
Desc: image002.png
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.gif
Type: image/gif
Size: 801 bytes
Desc: image003.gif
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1146 bytes
Desc: image004.png
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.gif
Type: image/gif
Size: 814 bytes
Desc: image005.gif
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180103/27cac4eb/attachment-0003.gif>


More information about the Snort-users mailing list