Snort mailing list archives
How to review actual packets?
From: "Sheahan, Paul (PCLN-NW)" <Paul.Sheahan () priceline com>
Date: Mon, 11 Jun 2001 13:02:28 -0400
Hello, I'm new to Snort and just installed my first server on Red Hat Linux 7.0. I am trying to identify why certain machines are setting off alarms. I need to view the actual packets that were sent by the machine so I can see what URL they went to etc. How can I view this info in Snort? I've already looked at our web logs and they don't contain the info I need. I need actual sniffer traces. Any help would be appreciated! Thanks, Paul _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- How to review actual packets? Sheahan, Paul (PCLN-NW) (Jun 11)
- Re: How to review actual packets? Chris Green (Jun 11)
- Logging Question Jim Kipp (Jun 11)
- Re: Logging Question Phil Wood (Jun 11)
- Re: Logging Question Rich Adamson (Jun 11)
- Logging Question Jim Kipp (Jun 11)
- Re: How to review actual packets? John Sage (Jun 11)
- Re: How to review actual packets? Chris Green (Jun 11)