Burnt Offerings
1. hog-vim.tar.gz, README, size: 31031, version: 1.20
A vim syntax file for snort rules, with instructions on how to set vim up to use it.
May 3, 2007 - updated more syntax. Understands rules from version 2.3.3 (Build 14).
2. libpcap-0.9.8.20080430.tar.gz, README, size: 780697, version: 0.9.8.20080430
A libpcap version which supports MMAP mode on Linux kernels 2.[46].x. Comments below are ordered from most recent to much less relevant.
Apr 30, 2008 - Hello, libpcap is still up in the air. But, I've used it successfully on a 10 gig interface. Also, if you have beaucoup shared memory, you might try setting PCAP_MEMORY=max. Example incantation:
# export PCAP_VERBOSE=1 PCAP_STATS=0x1fff PCAP_PERIOD=10000 PCAP_MEMORY=max
# tcpdump -i eth2 -w/dev/null -s 1536
You probably know to:
sh bootstrap
./configure --prefix=/usr --enable-shared
make clean
make install
ldconfig
You should probably read the .warrantee file.
Phil Wood
Network Operations Center
Los Alamos National Laboratory
Los Alamos, New Mexico 87545
505 667-2598
505 665-7793 (fax)
Key fingerprint = 2BB7 A990 44F5 EF4B 4E35 8635 1205 97D3 F6D8 7F39
"Where there's smoke there's fire"