Question

What command do I use to run my pcap file through SNORT?

What command do I use to run my pcap file through SNORT?

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

To read pcap files from command line

$ snort --pcap-list="foo1.pcap foo2.pcap foo3.pcap"

This command will read three pcap files foo1.pcap , foo2.pcap , foo3.pcap. You can be specific with the no.of pcap files.

To read pcap files from a file :

    $ cat foo.txt
    foo1.pcap
    /home/foo/pcaps

$ snort --pcap-file=foo.txt

This will read foo1.pcap and all files under home/foo/pcaps.

To read multiple pcaps, reset snort to post configuration state to read next pcap. To do this use this command :

-pcap-reset

To print a line saying what pcap is currently being read, use this command :

-pcap-show

Hope this answer helps you.

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Linux Operation SECTION 2 – File and Directory Permissions: FILE PERMISSIONS: What is the command used...
Linux Operation SECTION 2 – File and Directory Permissions: FILE PERMISSIONS: What is the command used to find out which user account you are logged into?      . This command may come in handy in the following exercises. Ensure you are in your home directory of the student1 account. Use the echo command with output redirection to create a file called labfile4 and put the following text in this file: “This is the first line of labfile4”. Using the symbolic notation...
5. Write a bash command that will display the name of every file on the Linux...
5. Write a bash command that will display the name of every file on the Linux system whose file contaent contains the string "doug.jones". The command must run in the background, must redirect standard error to /dev/null, and must redirect standard output to ~/out. 6. Write a bash command that will kill all of the even-numbered processes associated with your userid, and no other processes. 7. Write a bash command that will start the program /home/courses/140u-doug.jones/zombie_maker as a background process,...
What does it mean to run command as an elevated user? How do you accomplish this?...
What does it mean to run command as an elevated user? How do you accomplish this? List four types of information that the ipconfig command with the /all parameter provides that the ipconfig command without the parameter does not. What type of server resolves a domain name to an IP address?
Write an awk (nawk) or sed command file that converts a textfile to a html file...
Write an awk (nawk) or sed command file that converts a textfile to a html file (by inserting tags <HTML><BODY><PRE> at the beginning of your existing file: file1.txt and inserting tags </PRE> ></BODY></HTML> at the end of file1.txt) Sample Run: awk -f awkfile.txt file1.txt > file1.html or use sed –f sedfile.txt file1.txt > file1.html Sample Output: Use a browser to show your file1.html
Hello, I'm new to UNIX and I am asked to use the ls –ali / command...
Hello, I'm new to UNIX and I am asked to use the ls –ali / command to review the contents of the / directory. I did that, but then I am asked to review the Linux Filesystem Standard (FSSTD) and document the following directories’ contents, e.g. |--home |--lib    |--mnt My question is, what command can I use to document the contents of these directories? Could you please show me a screenshot of the results I am supposed to get...
how do I zip two files to create one zipped file on a Mac. I want...
how do I zip two files to create one zipped file on a Mac. I want to be able to unzip my file and my programs or txt files appear and not a folder containing the text file
linux Using dpkg or apt, what would be the full command you would use to find...
linux Using dpkg or apt, what would be the full command you would use to find out if the python package was installed? This is tricky because Python’s actual package name is python3. $ If it is installed, what version is installed according to the dpkg or apt output? If it wasn’t installed, can you install it? What command would you use to do this? $ 2. Using dpkg, what would be the full command you would use to determine...
What command discards the IP address? What command do you use to determine whether you can...
What command discards the IP address? What command do you use to determine whether you can reach another computer on the local network? Would this command work if the default gateway were down? When troubleshooting problems with resolving domain names to IP addresses, flushing the DNS cache can sometimes help so that the local computer must build the cache again. What is the command to flush the DNS cache? What command would you use to display information about name resolutions...
If you want to redirect output of a bash command into a file what operator will...
If you want to redirect output of a bash command into a file what operator will you use? What does operator | mean in bash? What variable $0 contains in gawk? What variable $0 contains in bash script? What the statement esac means in bash script?
linux operating system 1) Give a command to search the file /etc/passwd for the string “sarwar”...
linux operating system 1) Give a command to search the file /etc/passwd for the string “sarwar” 2) Give the command for deleting the memos directory. How do you know that the directory has been deleted? 3) Give the command for searching a file named fruits for the string “apple”, sending the output of the command to a file called applefreq
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT