[Dshield] Perhaps someone on this list can help me out.

John Draper crunch at shopip.com
Mon Oct 7 18:26:11 GMT 2002


>John Draper wrote:
>>"Snort" has this Unified Binary output mode. But what I want to know,
>>is what program reads this format?
>
>I am not sure if _Unified_ Binary output is the same as binary output, if
>not please ignore this/flame me, whichever you consider most appropriate.
>
>but binary output (obtained by "snort -l <log_directory> -b"), logs
>everything to a single file (maybe this is where the "unified" comes from?)
>in a format that tcpdump understands...

Right - I got that part, but nobody can tell me if this Unified Binary is the same as regular binary, or what the differences are.

John




