Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snort-replay 0.2

From: Andreas Östling <andreaso () it su se>
Date: Tue, 24 Jun 2003 13:00:20 +0200

Hello,

For the interested, snort-replay 0.2 is now available from
http://nitzer.dhs.org/snort-replay/

It's a simple output system for Snort that reads a tcpdump file and
prints (not sends!) the payloads using the same delay between the packets
as was seen on the wire. I've put up a couple of examples as animated gifs
(poor quality) on the homepage if you want a demo.
It's still just a quick test just for fun, so don't take it too seriously...

Changes since 0.1:

o Updated to work with Snort 2.0.0
o Requires curses to compile
o Included installation script for easier installation
o Handle telnet escape command, i.e. some colors etc will now be printed,
  but it may also mess up your terminal if it can't handle the codes
  correctly... Use at your own risk
o The source address of the first packet is regarded as the client host
  for the rest of the conversation, and all packets from this host will be
  printed in white so it's much easier to see which packet is from the
  client and which is from the server. You can switch client host by
  pressing 's' during playback
o You can now adjust the speed during playback with '+' and '-', and also
  pause with 'p'. To reset to the original speed, press 'r'
o Only ascii chars 0x20-0x7E will be printed by default
  (i.e. less useless junk on screen)
o Updated telnet.bin example to include a pine session
o Updated the README file
o A few other general improvments

/Andreas



-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: