Re: basic command

["Warrick FitzGerald" <wfitzgerald () livetechnology com>]

Paul Slinki explained that it is very similar to tcpdump i.e.,

snort -dev -l /root/snortlog2 -h 10.10.52.100/32 port 80

Does exactly what I want. I'm not sure exactly how much you can achieve on
the command line, but this certainly works to my needs.

----- Original Message -----
From: "John Sage" <jsage () finchhaven com>
To: "Warrick FitzGerald" <wfitzgerald () livetechnology com>
Cc: <snort-users () lists sourceforge net>
Sent: Friday, January 18, 2002 9:32 PM
Subject: Re: [Snort-users] basic command


> umm..
>
> This command line has *nothing* to do with logging, alerting or anything
> like that.
>
> No command line does any of that.
>
> I'd suggest you familiarize yourself with:
>
> http://snort.sourcefire.com/docs/writing_rules/chap2.html#tth_chAp2
>
>
>
> - John
>
> --
> The web page you seek
> cannot be found here:
> countless others await
>
>
>
>
> Warrick FitzGerald wrote:
>
> > Can someone please explain how I would modify this command line
statement so
> > that it only logs TCP port 80
> >
> >  snort -dev -l /root/snortlog2 -h 10.10.52.100/32
> >
> >  Thanks
> > Warrick


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users