列表 3. 用于隐蔽日志记录器的 /etc/snort/snort.conf

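# Snort configuration for a passive syslog capture sensor (per the listing
# caption, a "stealth" logger). It contains only "log" rules, no alerting.

# Variable definition; the single rule below does not reference it.
var EXTERNAL_NET any

# Include the application-layer payload in logged packets and print it as
# characters only (no hex dump), so captured syslog messages read as text.
config dump_payload
config dump_chars_only

# Directory that receives the log output. Captured payloads are copies of
# system log traffic and may contain sensitive data: keep this directory
# readable only by the account that runs Snort.
config logdir: /var/log/snort

# IP defragmentation preprocessor, so fragmented datagrams are reassembled
# before the rule is evaluated.
# NOTE(review): frag2 belongs to older Snort releases; later releases use
# frag3 instead - confirm against the installed version.
preprocessor frag2

# Log every UDP datagram from 192.168.1.20 (any source port) to
# 192.168.1.111 port 514 (syslog) into the file "logged-packets" under the
# log directory.
# A rule that continues on a second line needs a trailing backslash; without
# it the option list on the next line is parsed as a separate, invalid line.
# The rule matches on header addresses only. UDP syslog is unauthenticated
# and the source address can be forged, so records captured here should not
# be treated as proof of origin without corroboration.
log udp 192.168.1.20/32 any -> 192.168.1.111/32 514 \
(logto:"logged-packets";)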