Snort mailing list archives

Problem to sniff 80, 110, 25 and 21 ports.


From: giochi <giochi () telvia it>
Date: Wed, 29 Oct 2003 22:32:59 +0100

Hi again list,

thank you very much for your interest.

The fact is that my boss wants to see (on his server) the http, pop3, smtp and ftp user/pass of users.

I tried many solutions for this:

- tcpdump tcp and port 80 or port 110 or port 21 or port 25 (as you suggested to me). It works, but if I grep for USER or PASS in the output file generated by tcpdump I can't see anything.

- snort -i eth0 -l prova (It works, but it logs a lot of packets, and in one day of work I can reach over 300Mb of file size)

- snort -i eth0 -l prova dst port 80 and port 25 and port 21 (It doesn't work). I see this error:

Running in packet logging mode
Log directory = prova

Initializing Network Interface eth0
ERROR: OpenPcap() FSM compilation failed:
        PCAP command: %s

Fatal Error, Quitting..

Could you suggest me the right way to solve these things?

Thank you very much.

Regards,
Fabrizio

