Snort's network monitoring architecture is based on the PCAP library. The libpcap interface within Snort supports a filtering mechanism called BPF (described in detail in Chapter 5). The PCAP library has multiple applications, including network statistics collection, security monitoring, and network debugging.

The Packet Capture Library (PCAP) is defined as a portable framework for low-level network monitoring that uses the standard PCAP format.

Brian Caswell, in Snort Intrusion Detection 2.0, 2003 PCAP Logging
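To make the "standard PCAP format" mentioned above concrete, here is an added example (not from the original page or the book) that parses the classic pcap file layout: a 24-byte global header followed by 16-byte record headers and frame bytes. The names `parse_pcap` and `build_sample` are hypothetical, the sample capture is constructed, and rejecting a record whose captured length exceeds the snapshot length is a strictness choice made for this example.

```python
import struct

# Magic number as read big-endian -> (byte order, ns per timestamp fraction unit)
MAGICS = {
    0xA1B2C3D4: (">", 1000),  # big-endian file, microsecond timestamps
    0xD4C3B2A1: ("<", 1000),  # little-endian file, microsecond timestamps
    0xA1B23C4D: (">", 1),     # big-endian file, nanosecond timestamps
    0x4D3CB2A1: ("<", 1),     # little-endian file, nanosecond timestamps
}

def parse_pcap(data):
    """Return (header dict, [(timestamp_ns, original_len, frame_bytes), ...])."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    magic = struct.unpack(">I", data[:4])[0]
    if magic not in MAGICS:
        raise ValueError("not a classic pcap file")
    end, frac_ns = MAGICS[magic]
    major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        end + "HHiIII", data[4:24])
    header = {"version": (major, minor), "snaplen": snaplen, "linktype": linktype}
    packets, off = [], 24
    while off < len(data):
        if len(data) - off < 16:
            raise ValueError("truncated record header at offset %d" % off)
        sec, frac, caplen, origlen = struct.unpack(end + "IIII", data[off:off + 16])
        off += 16
        # Never trust the length field: it must fit both snaplen and the file.
        if caplen > snaplen or caplen > len(data) - off:
            raise ValueError("bad captured length %d at offset %d" % (caplen, off))
        packets.append((sec * 10**9 + frac * frac_ns, origlen, data[off:off + caplen]))
        off += caplen
    return header, packets

def build_sample():
    """Constructed little-endian capture holding two dummy frames."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    f1, f2 = b"\x00" * 14, b"\xff" * 60
    rec1 = struct.pack("<IIII", 1, 500, len(f1), len(f1)) + f1
    rec2 = struct.pack("<IIII", 2, 0, len(f2), 1514) + f2  # frame cut short at capture
    return hdr + rec1 + rec2

if __name__ == "__main__":
    header, packets = parse_pcap(build_sample())
    print(header)
    for ts_ns, origlen, frame in packets:
        print(ts_ns, origlen, len(frame))
```

The difference between the captured length and the original length in the second record is what a monitoring tool sees when a frame was longer than the snapshot length in effect at capture time.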