Closed GoogleCodeExporter closed 8 years ago
Hi Leon,
I figured it out. I had not extract the contents of the snort unified perl.tar
to the
Build directory. Instead a had the folder in the Build directory.
Thanks,
Original comment by rob.l.di...@gmail.com
on 15 May 2010 at 1:12
Good to hear it's working for you.
Original comment by leon.j.w...@gmail.com
on 20 May 2010 at 3:55
i need to look at the code for the -s option to see whatyou are doing there. i
am
getting a lot of unknowns. not sure if it is because it appears that the
directions
are being reversed and/or that one side of the event is internal or what. OR,
geolite, well supposedly isnt as accurate.
I am willing to test this on a very large network. not sure if you are
interested in
the results or not. not sure if this is a priority project or not. I see that
you are
working on a pcap extraction tool also. I have some ideas for that also, as
well as a
big network to test it on.
let me know if you want some beta testers. i can get some interns from the local
college to test and document. ;)
ciao
Original comment by rob.l.di...@gmail.com
on 20 May 2010 at 9:41
Thanks for the offer. Ill contact you offline to continue the thread.
As for the unknown location events, the most likely cause is RFC1918 address's.
Thanks
-Leon
Original comment by leon.j.w...@gmail.com
on 21 May 2010 at 8:22
Thanks for the offer. Ill contact you offline to continue the thread.
As for the unknown location events, the most likely cause is RFC1918 address's.
Thanks
-Leon
Original comment by leon.j.w...@gmail.com
on 21 May 2010 at 8:22
Original issue reported on code.google.com by
rob.l.di...@gmail.com
on 14 May 2010 at 11:27