[Dshield] Perhaps someone on this list can help me out.
crunch at shopip.com
Mon Oct 7 18:26:11 GMT 2002
>John Draper wrote:
>>"Snort" has this Unified Binary output mode. But what I want to know,
>is what program reads this format?
>I am not sure if _Unified_ Binary output is the same as binary output, if
>not please ignore this/flame me, whichever you consider most appropriate.
>but binary output (obtained by "snort -l <log_directory> -b"), logs
>everything to a single file (maybe this is where the "unified" comes from?)
>in a format that tcpdump understands...
Right - I got that part, but nobody can tell me if this Unified Binary is the same as regular binary, or what the differences are.
More information about the list