[Dshield] Q: Packet Analyzer for windump, etc?
dr at kyx.net
Thu Aug 2 19:51:48 GMT 2001
On Thu, 02 Aug 2001, you wrote:
> I've tried using IRIS but couldn't get the full dump output to text. Now using
> windump, but having trouble analyzing the output. Any suggestions would be
> much appreciated.
For more stripped-down decoding but more rules-oriented automation, try snort.
For more detail in the decodes, try ethereal. www.snort.org, and
www.ethereal.com respectively. Both speak tcpdump/windump files.