> > looking at snort.
>
> libnids is *perfect*, thank you :)
Does it handle lost segments well? I mean, when
you never get a segment, will NIDS understand that,
give up on the segment, and continue feeding the
user with the rest of the stream?
Similarly, does it track connections without
captu
Bruce M Simpson ([EMAIL PROTECTED]) wrote:
> On Thu, Sep 23, 2004 at 01:29:33PM +0100, Andy Coates wittered thus:
> > I've been trying to read some tcp payloads from a dump file
> > generated by tcpdump. Everything has been going smoothly until
> > I encounter tcp segment losses and tcp retransmis
On Thu, Sep 23, 2004 at 01:29:33PM +0100, Andy Coates wittered thus:
> I've been trying to read some tcp payloads from a dump file
> generated by tcpdump. Everything has been going smoothly until
> I encounter tcp segment losses and tcp retransmissions.
By 'read some tcp payloads' I assume you're
Hello,
I've been trying to read some tcp payloads from a dump file
generated by tcpdump. Everything has been going smoothly until
I encounter tcp segment losses and tcp retransmissions.
Now i'm no coding genius nor do I understand the ins and out of
tcp headers enough to be able to develop a sol
