Snort mailing list archives
Getting more information from snort
From: "Francis A. Vidal" <francisv-dated-1060676899.1a550a () irc dagupan com>
Date: Thu, 7 Aug 2003 16:28:18 +0800
Hi all,

We're trying to monitor a possible hacking attempt on one of our hosted sites using snort (2.0.1). We're using log_unified and log_tcpdump to log the packets. However, packets captured using log_tcpdump are quite limited (or I just lack the necessary tools to extract the information) and I couldn't find tools that can dig out information from log_unified except barnyard.

For this kind of application, what methodologies do you suggest? Any suggestion is appreciated.

Thanks!

---
francis a. vidal [bitstop network services] | http://www.bnshosting.net
streaming media + web hosting | http://www.bitstop.ph
v(02)330-2871,(02)330-2872; f(02)330-2873 | http://www.kuro.ph