HomePage > Engine
【页面双击滚屏】

snort2.9.9.0包回放的基本命令行示例

JIWO Safe Platform[jiwo.org]  2017-07-03  ecawen  

/snort/2990/bin/snort -c /snort/2990/etc/jiwo.conf -k none -r /cap/test.pcap


主要注意 -k none 关掉checksum检测。

-k参数如下:

-k <mode>  Checksum mode (all,noip,notcp,noudp,noicmp,none)

v1.4 by jiwo@jiwo.org   Copyright © 2016-2046 JIWO Technology Co., Ltd   
miitbeian_NUM:16002041num-2