> able to decompress them by any known means?!..
Snort logs the data in tcpdump-format and can decompresses it in a
better human-readable format with the -r switch (BTW very usefull for
testing your own rulesets :)).
If you're still looking for more logs, Lance Spitzner has recently
captured the complete 'compromise' of a win98-machine with several
worms. The links to the logs are at the end of his new article 'Know
Your Enemy: Worms at War' at http://www.enteract.com/~lspitz/worm.html .
--
----
BYE Andreas
[Solution - The Computer People]
[http://www.solution.de]
[Mannheim/Germany]
--
[Some look to the past and ask, 'Why?'
Others look to the future and ask 'Why not ?']
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
