Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Ganu Skop (skopganuyahoo.com)
Date: Fri Feb 08 2002 - 01:03:49 CST
got this matter to solve;
anyone got a paper/reference on tcpdump and snort - a
reference need it pretty badly.
as in my opinion, tcpdump by default only capture 60
bytes of data (no payload) and we need to do the
filter based on abnormal packet behaviour - more or
less like shadow ids.
where as snort has all the feature with rules , stream
assembly and etc.
therefore it's better to run snort than capture
tcpdump and load it back to snort ..right ?
need ur feedback
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
Snort-users mailing list
Go to this URL to change user options or unsubscribe:
Snort-users list archive: