tcpdump script

brad brad at ispn.net
Thu May 29 20:02:49 CDT 2003


On Thu, 2003-05-29 at 14:51, numa at thenuma.com wrote:
> Actually my tool preference is not tcpdump but snort, it is easier to deal
> with.  Now, as far as doing this: two words, sed and awk.  Yeah, the docs
> are a PAIN IN THE ASS, but they are super powerful tools.  The cool thing
> is that you can straight dump tcpdump INTO sed, so that it will create
> a new file as it goes.  Cool.  Then in, say, a month or whatever, switch
> over.  Also, it would be nice to switch the users to the new setup as they
> go, so you may look into adding a flag to the pop3 chat for those on the
> new system such that once they are migrated it no longer tries to keep
> adding their password.  KRis

Yeah, I was in the process of learning sed and awk and you are right
about the docs, but I can see you are also right about the power of
them.  Snort seems almost TOO powerful to use....overkill just for pop3
passes.

Thanks again,

Brad



