Snort mailing list archives
Re: basic command
From: "Warrick FitzGerald" <wfitzgerald () livetechnology com>
Date: Sat, 19 Jan 2002 14:21:12 -0500
Paul Slinki explained that it is very similar to tcpdump i.e., snort -dev -l /root/snortlog2 -h 10.10.52.100/32 port 80 Does exactly what I want. I'm not sure exactly how much you can achieve on the command line, but this certainly works to my needs. ----- Original Message ----- From: "John Sage" <jsage () finchhaven com> To: "Warrick FitzGerald" <wfitzgerald () livetechnology com> Cc: <snort-users () lists sourceforge net> Sent: Friday, January 18, 2002 9:32 PM Subject: Re: [Snort-users] basic command
umm.. This command line has *nothing* to do with logging, alerting or anything like that. No command line does any of that. I'd suggest you familiarize yourself with: http://snort.sourcefire.com/docs/writing_rules/chap2.html#tth_chAp2 - John -- The web page you seek cannot be found here: countless others await Warrick FitzGerald wrote:Can someone please explain how I would modify this command line
statement so
that it only logs TCP port 80 snort -dev -l /root/snortlog2 -h 10.10.52.100/32 Thanks Warrick
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- basic command Warrick FitzGerald (Jan 18)
- Re: basic command John Sage (Jan 18)
- Re: basic command Warrick FitzGerald (Jan 19)
- Re: basic command John Sage (Jan 19)
- Re: basic command Warrick FitzGerald (Jan 19)
- Re: basic command Warrick FitzGerald (Jan 19)
- Re: basic command John Sage (Jan 18)
- Re: basic command Guillaume (Jan 19)