Snort Sniffer mode

Like tcpdump, Snort has flags that control which data it displays about the packets it ingests.

Sniffer mode parameters are explained below:

-v

Verbose. Display the TCP/IP output in the console.

-d

Display the packet data (payload).

-e

Display the link-layer (TCP/IP/UDP/ICMP) headers.

-X

Display the full packet details in HEX.

-i

Defines the network interface to listen on. When the host has multiple interfaces, use this parameter to choose which one to sniff.

Starts Snort in verbose mode.
Ctrl + C stops Snort sniffing and summarises the sniffed packets.
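
The parameters above combined on one command line, as an added example that is not part of the original page. The function names, the detail-level names and the interface name `eth0` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Builds the argument list for
# Snort sniffer mode from the flags described above: -v, -d, -e, -X and -i.
# Function names and level names are hypothetical.

# snort_sniff_args LEVEL [INTERFACE]  -> prints the flags to pass to snort
snort_sniff_args() {
    level=$1
    iface=${2:-}
    case $level in
        headers) flags="-v" ;;        # TCP/IP output only
        payload) flags="-v -d" ;;     # plus packet data (payload)
        link)    flags="-v -d -e" ;;  # plus link-layer headers
        hex)     flags="-X" ;;        # full packet details in HEX
        *) echo "unknown detail level: $level" >&2; return 2 ;;
    esac
    if [ -n "$iface" ]; then
        # Reject names that start with '-' (would be parsed as another
        # option) or contain characters outside a conservative allow-list.
        case $iface in
            -*|*[!A-Za-z0-9_.:-]*)
                echo "invalid interface name: $iface" >&2; return 2 ;;
        esac
        # Linux interface names are at most 15 characters long.
        if [ "${#iface}" -gt 15 ]; then
            echo "interface name too long: $iface" >&2; return 2
        fi
        flags="$flags -i $iface"
    fi
    printf '%s\n' "$flags"
}

# sniff LEVEL [INTERFACE]  -> runs Snort in the foreground; Ctrl + C stops it.
sniff() {
    args=$(snort_sniff_args "$@") || return
    # Word splitting of $args is intended; its contents were validated above.
    # shellcheck disable=SC2086
    sudo snort $args
}

# Usage (eth0 is an assumed interface name):
#   sniff headers eth0    # runs: sudo snort -v -i eth0
#   sniff link eth0       # runs: sudo snort -v -d -e -i eth0
#   sniff hex             # runs: sudo snort -X
```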
