
Re: Snort



	There are probably others out there that can read the snort logs
as they are merely tcpdumps of the offending packets but I have found that
Ethereal is very handy and convenient for examining them... So that's my personal
choice... If you find another app that views and interprets the packet logs
like Ethereal mention it and I'll take a look at it...

	Respectfully,
	Jeremy T. Bouse

dude was said to been seen saying:
> 
> On Tue, 10 Jul 2001, Jeremy T. Bouse wrote:
> 
> >
> > 	Snort actually dumps the raw packet details into log files in the
> > /var/log/snort directory... These can be opened using Ethereal and you are
> > able to take a closer look at the packets themselves with relative ease...
> >
> 
> So I should use Ethereal to look at way dumps?
> 
> G
> 

-- 
,-----------------------------------------------------------------------------,
|Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC -  www.UnderGrid.net |
|        Public PGP/GPG fingerprint and location in headers of message        |
|     If received unsigned (without requesting as such) DO NOT trust it!      |
| jbouse@Debian.org   -   NIC Whois: JB5713   -   Jeremy.Bouse@UnderGrid.net  |
`-----------------------------------------------------------------------------'
