[Bro] Extraction of IP identification field from tcpdump file

Rishi Sahay basusahay at gmail.com
Tue Feb 21 04:40:45 PST 2012


 I want to extract the IP identification field from the tcpdump file. I
have extracted header information from the packet in the tcpdump file using
conn.bro script. But IP identification field has not been extracted. Is
there any script available to extract the IP identification field. I am
using BRO IDS 1.5.3. Please, help me in this regard. Thanks in advance.

Best regards
  Rishikesh Sahay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20120221/d37a7534/attachment.html 

More information about the Bro mailing list