[prads-users] [Snort-users] HTTP port statistics
Edward Bjarte Fjellskål
edward.fjellskal at redpill-linpro.com
Mon Apr 5 17:45:01 CEST 2010
Jefferson, Shawn wrote:
> Hi,
>
> I downloaded and installed PRADS today and thought I would give it a shot. I noticed a warning during compile time about a comparison being always false due to limited data type. Is that normal, or a problem with my build environment somehow?
I have seen this on x86_32 architecture, but not debugget it yet.
Will make a bug out of it.
> Also, I have two interfaces that are sniffing on this machine, can I run two separate PRADS instances, and will each update their own asset file in the tmp directory, or will both update the same file?
atm. prads has hardcoded where to write prads-asset.log. This was not
intended to be permanent. My next thing on my todo list, is to
implement a commandline switch and a config option to have the
user specify the file they want.
As I see it atm. if you start two prads, they will both write to the
same file... appending. Have not tried that yet though.
Thanks for the feedback, will fix asap!
Regards,
Edward
> Thanks,
> Shawn
>
>
>
> -----Original Message-----
> From: Edward Bjarte Fjellskål [mailto:edward.fjellskal at redpill-linpro.com]
> Sent: Tuesday, March 30, 2010 9:39 PM
> To: ll
> Cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] HTTP port statistics
>
> ll wrote:
>> hi all
>> I want to know what HTTP port are running in the network. I just think
>> there will 80,8000,8080, but I want to know exact how many port are
>> there . how to achieve this by snort or tcpdump ?
>
> Hi again ll :)
>
> You can also read this:
> http://www.gamelinux.org/?p=86
>
> PRADS will detect most http servers on any ports.
> No need to continusly scan 65535 x 2 x hosts, and repeating
> when you are finished :)
>
> ./ebf0
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
More information about the prads-users
mailing list