racount fix for FreeBSD
Richard Bejtlich
taosecurity at gmail.com
Wed Jun 21 16:20:32 EDT 2006
On 6/21/06, Carter Bullard <carter at qosient.com> wrote:
> Hey Richard,
> Documentation is the bane of my existence. It's like you have
> to account for what you've done, and I always see what isn't
> finished, rather that what was completed. But, with the help
> of all, hopefully it will get done.
>
> You had asked about 64-bit machines and argus-3.0 earlier
> in the year, and argus-3.0 is suppose to be 64 all things, so if
> you still have an interest, could you test argus on some of your
> amd hardware?
>
> I suspect that in order to really test this stuff we'll need
> a canonical packet capture file as a data source. Are there
> any big packet capture files out there in the big bad world?
> I found some trace archives in Japan that at least have
> tcpdump() data that we can use.
>
> Does anyone have a favorite source of data that we can
> use as a test set?
>
> Carter
Hi Carter,
If I get a chance I'll put the amd64 port of FreeBSD 6.1 on my Shuttle
and see how Argus 3.0 likes it.
Regarding packet captures, here are some:
http://wiki.ethereal.com/SampleCaptures
If I get some time this summer I still plan to launch OpenPacket.org
as a free public repository of traces for purposes like these.
Sincerely,
Richard
PS: Argus at 83?!? Robbed.
More information about the argus
mailing list