Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Barnyard2 output to postgreSQL

From: Avery Rozar <Avery.Rozar () i-techsupport com>
Date: Sat, 24 May 2014 01:25:02 +0000
Is something wrong with my ip info from barnyard2? The ip address are not showing up as standard IPv4 as I’d thought.

csdashboard=# select * from iphdr ;
 sid | cid |   ip_src   |   ip_dst   | ip_ver | ip_hlen | ip_tos | ip_len | ip_id | ip_flags | ip_off | ip_ttl | 
ip_proto | ip_csum
-----+-----+------------+------------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------
   1 |   1 | 2886730039 | 2887777037 |      4 |       5 |      0 |    663 |  4063 |        0 |      0 |     64 |        
6 |   54285
   1 |   2 | 2886730039 | 2887777037 |      4 |       5 |      0 |    663 | 28735 |        0 |      0 |     64 |        
6 |   29613
   1 |   3 | 1815870597 | 2887777037 |      4 |       5 |      0 |    419 | 51507 |        0 |      0 |     60 |        
6 |   25651

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: