Question

What command do I use to run my pcap file through SNORT?

What command do I use to run my pcap file through SNORT?

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

To read pcap files from command line

$ snort --pcap-list="foo1.pcap foo2.pcap foo3.pcap"

This command will read three pcap files foo1.pcap , foo2.pcap , foo3.pcap. You can be specific with the no.of pcap files.

To read pcap files from a file :

    $ cat foo.txt
    foo1.pcap
    /home/foo/pcaps

$ snort --pcap-file=foo.txt

This will read foo1.pcap and all files under home/foo/pcaps.

To read multiple pcaps, reset snort to post configuration state to read next pcap. To do this use this command :

-pcap-reset

To print a line saying what pcap is currently being read, use this command :

-pcap-show

Hope this answer helps you.

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
What does it mean to run command as an elevated user? How do you accomplish this?...
What does it mean to run command as an elevated user? How do you accomplish this? List four types of information that the ipconfig command with the /all parameter provides that the ipconfig command without the parameter does not. What type of server resolves a domain name to an IP address?
how do I zip two files to create one zipped file on a Mac. I want...
how do I zip two files to create one zipped file on a Mac. I want to be able to unzip my file and my programs or txt files appear and not a folder containing the text file
linux Using dpkg or apt, what would be the full command you would use to find...
linux Using dpkg or apt, what would be the full command you would use to find out if the python package was installed? This is tricky because Python’s actual package name is python3. $ If it is installed, what version is installed according to the dpkg or apt output? If it wasn’t installed, can you install it? What command would you use to do this? $ 2. Using dpkg, what would be the full command you would use to determine...
What command discards the IP address? What command do you use to determine whether you can...
What command discards the IP address? What command do you use to determine whether you can reach another computer on the local network? Would this command work if the default gateway were down? When troubleshooting problems with resolving domain names to IP addresses, flushing the DNS cache can sometimes help so that the local computer must build the cache again. What is the command to flush the DNS cache? What command would you use to display information about name resolutions...
If you want to redirect output of a bash command into a file what operator will...
If you want to redirect output of a bash command into a file what operator will you use? What does operator | mean in bash? What variable $0 contains in gawk? What variable $0 contains in bash script? What the statement esac means in bash script?
Linux, please avocado is an empty file Q14 – Specify a single line command that gives...
Linux, please avocado is an empty file Q14 – Specify a single line command that gives the owner and group permission to execute the file avocado while giving the owner sole permission to read and write the file. Do not change any other permission, i.e., do not remove permission from others to execute the file, if they already have that permission. Q15 – File/directory permissions are subject to permissions on the parent directories. For example, consider the file /home/dv35/cs265/lab1.txt. If...
What is the location any file with the name "cron"? I need it for centos os...
What is the location any file with the name "cron"? I need it for centos os and it doesn't have locate command installed Where does the "rc" link, in /etc/, link to? I wanted to knonw is there a command to show what it is linked to?
When we type in the name of a batch file in Command Prompt, Command Prompt will...
When we type in the name of a batch file in Command Prompt, Command Prompt will look for variables called: Group of answer choices Preset Variables Replacement Variables Permanent Variables Batch Variables We can use this character to pass the output from one command to the next: Group of answer choices | (Pipe) , (Comma) > (Angled Bracket) & (Ampersand) The following is utility tool we can use that are resided in the directory C:\Windows\System32: Group of answer choices IPCONFIG...
For C++, how do I read through a file called "dictionary.txt" and see if the word...
For C++, how do I read through a file called "dictionary.txt" and see if the word user-inputted is in the file, but using cstring only and NOT string. For example, if the dictionary.txt is like Another ostentatious work extra dog camera hinder the output should look like this, Enter a word to be looked up in dictionary: cats cats is NOT in the dictionary. Enter a word to be looked up in dictionary: ostentatious ostentatious IS in the dictionary.
PLEASE DO QUICK LINUX ASSIGNMENT PLEASE ILL THUMBS UP You need to paste the command and...
PLEASE DO QUICK LINUX ASSIGNMENT PLEASE ILL THUMBS UP You need to paste the command and the output in a word document and submit it. Part1: 1. Log in to Linux using your user account name and password. 2. If you logged in using a graphical login screen, open a terminal window by clicking on the icon in the lower left corner of the desktop to open the main menu, then selecting System Tools, then Terminal. A terminal window opens....
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT