Snort mailing list archives
RE: Database plugin question
From: "Dell, Jeffrey" <JDell () seisint com>
Date: Wed, 14 Aug 2002 16:23:52 -0400
gre(IP Protocol 47) and igrp(IP Protocol 9) will be covered by ip. To get arp you can do: log arp any any <> any any -----Original Message----- From: Radu Brumariu [mailto:brumariur () missouri edu] Sent: Wednesday, August 14, 2002 11:14 AM To: Dell, Jeffrey Cc: snort-users () lists sourceforge net Subject: RE: [Snort-users] Database plugin question Thanks, Jeffrey for the input. However, I would like snort to log _all_ the packets that it sees, including arp,igrp,gre, etc. Radu On Wed, 2002-08-14 at 14:42, Dell, Jeffrey wrote:
Use the rule: log ip any any <> any any This will log all ip packets. -----Original Message----- From: Radu Brumariu [mailto:brumariur () missouri edu] Sent: Wednesday, August 14, 2002 10:27 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Database plugin question Hi all, I would like to know if it is possible to trick snort into logging every packet that it sees to the database rather then log|alert? thanks, Radu ------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Database plugin question Radu Brumariu (Aug 14)
- <Possible follow-ups>
- RE: Database plugin question Kevin Brown (Aug 14)
- RE: Database plugin question Dell, Jeffrey (Aug 14)
- RE: Database plugin question Radu Brumariu (Aug 14)
- Re: Database plugin question hackerwacker (Aug 14)
- Re: Database plugin question Phil Wood (Aug 14)
- Re: Database plugin question Radu Brumariu (Aug 15)
- Re: Database plugin question Phil Wood (Aug 15)
- RE: Database plugin question Radu Brumariu (Aug 14)