April 2016
Intermediate to advanced
390 pages
9h 41m
English
Content preview from Windows Networking Tools
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
314
WindoWs netWorking tools
Running in packet logging mode
— = = Initializing Snort = =—
In the preceding example we will log packets relative to the 192.168.2.0
network, with all incoming packets recorded into the log subdirectory.
8.1.4.4 e -C Switch e uppercase -C switch is used to print out
payloads with character data only, which eliminates hexadecimal char-
acters. You can append the -C switch to the prior example as follows:
c:\Snort\bin>snort -l \snort\log -h 192.168.2.0/16 -C
8.1.4.5 e -d Switch e lowercase -d switch is used to dump the
application layer. Similar to the preceding example, you can simply
add the -d switch to a command line entry.
8.1.4.6 e -E Switch e uppercase -E switch is only applicable to
Win32. is switch resu ...