Re: Snort reports strange port scans
From: Sax&Violins@salmahayeksknockers.eduDate: 08/13/02
- Next message: Hale: "Heads Up: SSL defeated in IE and Konqueror"
- Previous message: Khayman: "Re: I like SNORT but I need a Firewall as well (GUI for IPChains/Tables))"
- In reply to: Ian Jones: "Re: Snort reports strange port scans"
- Next in thread: Daniel: "Re: Snort reports strange port scans"
- Reply: Daniel: "Re: Snort reports strange port scans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Sax&Violins@salmahayeksknockers.edu Date: Tue, 13 Aug 2002 06:44:30 GMT
Ian Jones <roux@attbi.com> wrote:
> Why would you use tcpdump to explain a snort alert? You realize that
> snort is a packet sniffer and you could just grab the data there.
You're right, however, from a troubleshooting standpoint, it would be useful
to gather the same data using a different tool.
-- ............................................................................."Woe to him who builds his house by unrighteousness...who makes his neighbour serve him for nothing, and does not give him wages" -Jeremiah 22:13 ............................................................................. http://www.memeticcandiru.com daniel@swan.com
- Next message: Hale: "Heads Up: SSL defeated in IE and Konqueror"
- Previous message: Khayman: "Re: I like SNORT but I need a Firewall as well (GUI for IPChains/Tables))"
- In reply to: Ian Jones: "Re: Snort reports strange port scans"
- Next in thread: Daniel: "Re: Snort reports strange port scans"
- Reply: Daniel: "Re: Snort reports strange port scans"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
