On Wed, 6 Jun 2001, Daniel Crichton wrote:
> On 6 Jun 2001, at 7:58, Tatsuya Kawasaki wrote:
>
> > Steven,
> >
> > thnx .. it is great but .. a problem.
> > I am not able to figure out how to stop certain packets.
> > ie I do not wish to see all traffic, I would like to limit on
> > only interesting traffic, do you know how to do it?
> > or can it be done?
>
> I use Snort (www.snort.org), it has an easy to use rules syntax and you can
> download a wide range of pre-build rules for detecting known vulnerabilites.
I think this is an answer to a different question not really being asked,
but, perhaps not, since some use snort like tcpdump.
I've not recently used that toy, I do more of my packet sniffing off of
unix based systems, so, I do not recall how much one's able to provide
filters to reduce or specify the the kind of packets one is trying to pay
attention to with the tcpdump ports in the win realm. In the unix realm
the man page for tcpdump is okay for diseminating some of the info, have
you looked at the documantation for windump for particulars? I'm sure
others will pipe in shortly with more info, I just re installed my main
win toy and have not gotten all the apps reinstalled yet to help more
here.
Thanks,
Ron DuFresne
>
> Dan
>
> ---
> D.C. Crichton email: [EMAIL PROTECTED]
> Senior Systems Analyst tel: +44 (0)121 706 6000
> Computer Manuals Ltd. fax: +44 (0)121 606 0477
>
> Computer book info on the web:
> http://computer-manuals.co.uk/
> Want to earn money? Join our affiliate network!
> http://computer-manuals.co.uk/affiliate/
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
