[Dshield] Perhaps someone on this list can help me out.

van Niekerk Niel nielvanniekerk at oldmutual.com
Mon Oct 7 14:22:10 GMT 2002


John Draper wrote:
>"Snort" has this Unified Binary output mode. But what I want to know,
>is what program reads this format?

I am not sure if _Unified_ Binary output is the same as binary output; if
not, please ignore this/flame me, whichever you consider most appropriate.

But binary output (obtained by "snort -l <log_directory> -b") logs
everything to a single file (maybe this is where the "unified" comes from?)
in a format that tcpdump understands...

Hope this helps
Niel

