Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BPF-Filter

From: Thomas Bechtold <Thomas () jpberlin de>
Date: Thu, 24 Jun 2004 10:38:35 +0200
On Thursday 24 June 2004 10:22, Maetzky, Steffen Extern wrote:

Hi,

I have read that it is possible to ignore traffic by using bpf-filter.
I have tried to call the manual (man bpf) under RedHat 9 but there is no
entry.


You can find a manual with "man tcpdump".



Means that, that I have no bpf-support?
Which software/ lib is neccesary to get bpf-support?
Where do I get it and how to install (special configure-options?)


You need the libpcap to have bpf-support. So you can use bpf-filters with 
snort, etherreal, tcdump, ngrep,....

Cheers Thomas


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: