4. Invoking Impost
Main options:
- `-c file'
- `--config=file'
-
Uses `file' instead of `~./.impostrc' as your configuration
settings for this session.
- `-s'
- `--script=file'
-
Uses the perl script, `FILE', when operating as a honey pot.
- `-p port'
- `--port=port'
-
Bind socket to `PORT' when operating as a honey pot, or sniff packets
destined to `PORT' when operating as a packet sniffer.
- `-u size'
- `--unusual=size'
-
Any incoming messages larger than `SIZE' will trigger a detection
- `-r size'
- `--read-size=size'
-
Set `MAX_READ_SIZE' to `SIZE' which controls how much memory is allocated
for the buffer which will contain incoming messages. If a buffer exceeds
this length, everything after byte `SIZE' will be read as a second buffer.
- `-c'
- `--show-checks'
-
Always show `checking messages' -- even when the size of the buffer is smaller
than the `MSG_TRIGGER_SIZE' variable.
Packet sniffing:
- `--sniff'
-
Instead of operating as a honey pot, this option enables the packet
sniffer
- `--device=device'
-
Sniff packets from this device: device
Additional options:
- `--raw-capture'
-
When creating a capture file, log buffers detected as suspicious
"as is"
- `--disable-hex-dump'
-
Disable the printing of hexidecimal tables for buffers containing
non-printable characters.
- `--disable-capture'
-
Disable the `capture' feature.
- `--show-opcodes'
-
Show known operation codes, if any, that are discovered in a
received message.
Other options
- `-d'
- `--display'
-
Output current configuration settings.
- `-v'
- `--version'
-
Display version information
- `-h'
- `--help'
-
Display help message
This document was generated
by ziplock on August, 13 2004
using texi2html