Snort mailing list archives
How to use the packet logger and NID mode at the same time
From: "Didier CONTIS" <dcontis () bellsouth net>
Date: Mon, 19 Nov 2001 21:34:59 -0500

I am trying to find out if it would be possible, using one instance of snort, to simultaneously record all the traffic in one location and perform the regular NIDS analysis with alerts being logged in a different location (or sent to a database).

The idea behind dumping all the traffic is for us to record one or two days of traffic for post-mortem analysis.

Has anyone tried something like that before?

Thanks for any suggestions.

Didier