• Snort is an exceedingly effective sniffer:
• You must be root to use snort
• snort -v logs headers to the screen
• snort -vd shows headers AND packet data
• snort -vde shows above + data link layers
• -l flag specifies LOGDIR
• snort -vde -l ~jeremy/log/
• snort logs to a binary file in specified directory
• -r tells snort to read a file produced by the -b option
NEXT
PREVIOUS
Master Index