[Dshield] Perhaps someone on this list can help me out.

John Draper crunch at shopip.com
Mon Oct 7 18:26:11 GMT 2002

>John Draper wrote:
>>"Snort" has this Unified Binary output mode.    But what I want to know,
>is what program reads this format?
>I am not sure if _Unified_ Binary output is the same as binary output, if
>not please ignore this/flame me, whichever you consider most appropriate.
>but binary output (obtained by "snort -l <log_directory> -b"), logs
>everything to a single file (maybe this is where the "unified" comes from?)
>in a format that tcpdump understands...

Right - I got that part,  but nobody can tell me if this Unified Binary is the same as regular binary,  or what the differences are.


More information about the list mailing list