|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Snort-users] Using BPF Filters for GRE, OSPF, BGP, IGMP
From: Aaron (snort
microchp.org)
Date: Mon Apr 05 2004 - 00:42:18 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
My bad.
I did not realize that could also be used in the bpf filter snort
uses.
I should have tried it first before asking.
Thanks Frank. :-)
On Sun, 04 Apr 2004 23:28:50 -0500
Frank Knobbe <frankknobbe.us> wrote:
>On Sun, 2004-04-04 at 20:21, Aaron wrote:
>> I know how to specify networks and hosts in my BPF filter file,
>>though
>> am not sure how to prevent snort from ever seeing GRE, OSPF, IGMP,
>> IPSec traffic, etc...
>>
>> Does anyone know how?
>
>
>man tcpdump
>
>Says right there... ip and not proto 47 (for GRE for example). 50
>and
>51 for IPSec. See /etc/services for the rest.
>
>Regards,
>Frank
>
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]