tcpdump mailing list archives

Re: handling tcp retransmissions with libpcap

From: ury segal <ury_segal () yahoo com>
Date: Thu, 23 Sep 2004 16:02:30 -0400 (EDT)

looking at snort.


libnids is *perfect*, thank you :)


Does it handle lost segments well? I mean, when
you never get a segment, will NIDS understand that,
give up on the segment, and continue feeding the
user with the rest of the stream?

Similarly, does it track connections without
capturing the Connection Establishment packet
sequence? (Let's say I run an app using NIDS while
a connection is already up. Will I get the data
stream of this connection ?)


Andy.

-- 
n: Andy Coates                         e:
andy () bribed net
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.


=====
--ury
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

Current thread:

handling tcp retransmissions with libpcap Andy Coates (Sep 23)
- Re: handling tcp retransmissions with libpcap Bruce M Simpson (Sep 23)
  - Re: handling tcp retransmissions with libpcap Andy Coates (Sep 23)
    - Re: handling tcp retransmissions with libpcap ury segal (Sep 23)