Re: [logs] Tcpdump log analysis

• Previous message: Bennett Todd: "Re: [logs] state machines and (automated) log analysis -- any tools?"
• In reply to: Yann Berthier: "Re: [logs] Tcpdump log analysis"
• Next in thread: Holstein, Michael: "RE: [logs] Tcpdump log analysis"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yann Berthier wrote:
>> I collected many binary logs with tcpdump. I would like to study them
>> and to do so, I planned to export these files into a mysql database. 

Check out Ethereal and EtherApe.

I have been looking at Ethereal's packet coloring rules stuff and
thinking you could _almost_ build a decent IDS out of a good set
of filtering and colorizing rules. ;)

mjr. 

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Dan Barahona: "RE: [logs] Fwd: Firewall logs"
• Previous message: Bennett Todd: "Re: [logs] state machines and (automated) log analysis -- any tools?"
• In reply to: Yann Berthier: "Re: [logs] Tcpdump log analysis"
• Next in thread: Holstein, Michael: "RE: [logs] Tcpdump log analysis"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 09:09:39 PST