Good day all, I would like to bring up a topic that I have yet to have seen
answered...

For those of us running snort on linux and then archiving data to a Win32
machine, the "proto:port-port" filename that is created for packet capture
files will not work for Windows. In snort 1.8.x this was fairly simple to
change by editing a line in the log.c file then compiling, etc. However in
snort 1.9 this has changed and I can't find out where to change this option.
I've tried posting to this list about a month ago and also to
snort-developers but no one has answered yet or have been able to find the
answer I should say.

If anyone knows the answer please let me know, and if this isn't possible
then I'll have to change the way I'm archiving this data, either way I'd
really like to move to 1.9, but would prefer to continuing archiving to
Windows (not my personal preference, just an environment thing).

Thanks in advance,
Matt

-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]