Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: enhanced tcpdump is needed
Special Forums IP Networking enhanced tcpdump is needed Post 302085435 by ahtat99 on Thursday 17th of August 2006 09:34:55 AM
Old 08-17-2006
Personaly I think that since you already had started to use the pcap lib, it would be a whole lot easier to code it and use it yourself, rather than going online to search for some shrink wrap software. Smilie
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

C2 or enhanced security

We are using c2 / enhanced security on digital unix. I do not have access to the GUI. I need to get information on login status for users. Specifically I would like to know who has not logged in within the last 6 months. I think I can query the edauth files, but I can't find information on... (4 Replies)
Discussion started by: MizzGail
4 Replies

2. Solaris

Enhanced Password Authentication

Hello; I am moving a customer from Solaris 2.6 to Solaris 2.8. The customer has requested the following two requirements also be implemented: 1. Lock a user account out for X number of days after 3 unsuccessful login attempts. 2. No reuse of the last 5-10 passwords. Also referred to... (1 Reply)
Discussion started by: rambo15
1 Replies

3. UNIX for Advanced & Expert Users

Are there many UNIX server security enhanced products?

for sco, hp, or AIX...... anyway, how can I secure the UNIX system. I knew that CA has it's products for securing the UNIX server system. Please tell me more about other vender, and their products thxs! (0 Replies)
Discussion started by: brookwk
0 Replies

4. Shell Programming and Scripting

enhanced substitution

Dear I have a problem on which I turn araound since hours. Hope you could help me. I have a bash script, which activates with "nohup ./script2 params & " several subscripts. In my main script, I have set lot's of variables, which I would pass into script 2. My idea is now to create a... (3 Replies)
Discussion started by: pramach
3 Replies

5. UNIX for Dummies Questions & Answers

Convergent Enhanced Ethernet

Hi. I guess this my dummy question is for super-gurus. I'm on Red Hat' documentation regarding their RDMA capabilities over "convergent" Ethernet network. I read everything that I could find on inet, wikipedia etc. about the technology itself. I can't figure out, how can I determine if the... (0 Replies)
Discussion started by: newlinuxuser1
0 Replies

6. AIX

Normal VG to Enhanced Concurrent VG

Hi All, I am going to perform some activity in 2Node HA Server(Active/Passive). For that i have to do some pre-requsite (ie., Resource Group VG's should be Enhanced-Concurrent) In my setup, we have two volume groups in one RG. In that one VG is Normal and another is Enhance Concurrent. ... (2 Replies)
Discussion started by: Thala
2 Replies

7. What is on Your Mind?

New Enhanced Forum Features for VIP Members

Dear All, Thank you for your support. As promised I have upgrade features for unix.com forum VIP members as follows: Who's Online Permissions Can View IP Addresses Can View Detailed Location Info for Users Can View Detailed Location Info of Users Who Visit Bad / No Permission... (0 Replies)
Discussion started by: Neo
0 Replies

LEARN ABOUT DEBIAN

suricata

SURICATA(8)						      System Manager's Manual						       SURICATA(8)

NAME

       suricata - Next Generation Intrusion Detection and Prevention Tool

SYNOPSIS

       suricata [options]

DESCRIPTION

       suricata is a network Intrusion Detection System (IDS). It is based on rules (and is fully compatible with snort rules) to detect a variety
       of attacks / probes by searching packet content.

       This new Engine supports Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and  SMB),  Gzip  Decompression,
       Fast IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU cards.

       It supports acquiring packets through NFQUEUE, PCAP (live or offline) etc.

OPTIONS

       -c config_file
	      Use configuration file config_file

       -i interface
	      Sniff packets on interface.

       -r file
	      Read  the tcpdump-formatted file tcpdump-file.  This will cause Suricata to read and process the file fed to it.	This is useful for
	      offline analysis.

       -q queue_id
	      Sniff packets sent by the kernel through NFQUEUE. This allows running Suricata in inline mode (IPS) for packets captured by iptables
	      using the NFQUEUE target.

       -s signatures
	      Path to the signatures file.

       -l log_dir
	      Path to the default log directory.

       -D     Run as daemon

       --init-errors-fatal
	      Enable fatal failure on signature init error.

SEE ALSO

       tcpdump(1), pcap(3).

AUTHOR

       suricata was written by the Open Information Security Foundation.

       This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others).

								   February 2010						       SURICATA(8)
All times are GMT -4. The time now is 02:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy