SNIFFER MODE

This mode is used for real-time monitoring and quick diagnostics when there is no need to store the captured data: packets are decoded and printed to the console only.

DEBUGGING/ANALYSIS

root@dco:~$ sudo snort -vde {-i} eth#
 * -v Verbose. Display the TCP/IP header output in the console.
 * -d Display the packet data (payload).
 * -e Display the link-layer header in front of the TCP/IP/UDP/ICMP header output.
 * -i Specify the interface to listen/sniff on when the system has more than one network interface.
    - If the system has only ONE network interface, -i is optional.

 * Use Case: Investigating suspicious traffic without setting up detailed Snort rules.
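As an added example (not part of these notes), a small Python script that reads the console output `snort -v` produces, turns each packet into a record and flags sources that send bare SYNs to several different ports, the kind of quick triage the use case above describes. The sample output is constructed to mimic the Snort verbose layout; the field names and the three-port threshold are assumptions of this example.

```python
import re
from collections import defaultdict
# Constructed sample shaped like `snort -v` output (not a real capture): a SYN/SYN-ACK pair
# from 192.168.1.10 and three bare SYN probes from 192.168.1.77 to different ports.
SAMPLE = """\
03/15-14:22:01.100000 192.168.1.10:50234 -> 10.0.0.5:80
TCP TTL:64 TOS:0x0 ID:1234 IpLen:20 DgmLen:60 DF
******S* Seq: 0x1A2B3C4D  Ack: 0x0  Win: 0xFAF0  TcpLen: 40

03/15-14:22:01.100500 10.0.0.5:80 -> 192.168.1.10:50234
TCP TTL:64 TOS:0x0 ID:0 IpLen:20 DgmLen:60 DF
***A**S* Seq: 0x5E6F7A8B  Ack: 0x1A2B3C4E  Win: 0xFFFF  TcpLen: 40

03/15-14:22:02.000000 192.168.1.77:44001 -> 10.0.0.5:22
TCP TTL:64 TOS:0x0 ID:7 IpLen:20 DgmLen:44
******S* Seq: 0x1  Ack: 0x0  Win: 0x400  TcpLen: 24

03/15-14:22:02.000100 192.168.1.77:44002 -> 10.0.0.5:23
TCP TTL:64 TOS:0x0 ID:8 IpLen:20 DgmLen:44
******S* Seq: 0x2  Ack: 0x0  Win: 0x400  TcpLen: 24

03/15-14:22:02.000200 192.168.1.77:44003 -> 10.0.0.5:445
TCP TTL:64 TOS:0x0 ID:9 IpLen:20 DgmLen:44
******S* Seq: 0x3  Ack: 0x0  Win: 0x400  TcpLen: 24
"""

HEADER = re.compile(r"^(\S+) (\d+\.\d+\.\d+\.\d+)(?::(\d+))? -> (\d+\.\d+\.\d+\.\d+)(?::(\d+))?$")
FLAGS = re.compile(r"^[*12UAPRSF]{8} Seq:")

def parse_snort_v(text):
    """One dict per packet from `snort -v` console text; the =+=+ separator banners are skipped."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = block.splitlines()
        m = HEADER.match(lines[0])
        if not m:
            continue
        rec = {"ts": m[1], "src": m[2], "sport": m[3], "dst": m[4], "dport": m[5],
               "proto": lines[1].split()[0] if len(lines) > 1 else None, "flags": ""}
        if rec["proto"] == "TCP" and len(lines) > 2 and FLAGS.match(lines[2]):
            rec["flags"] = lines[2][:8]   # e.g. "******S*" = SYN only
        records.append(rec)
    return records

def syn_only_sources(records, min_ports=3):
    """Sources whose bare SYNs (S set, A clear) touched at least min_ports distinct ports."""
    ports = defaultdict(set)
    for r in records:
        if r["proto"] == "TCP" and "S" in r["flags"] and "A" not in r["flags"]:
            ports[r["src"]].add(int(r["dport"]))
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}
```

To run it against a live sniffer session, pipe `sudo snort -v -i eth0` into a file and pass its contents to `parse_snort_v` instead of `SAMPLE`.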

DEEP INSPECTION

root@dco:~$ sudo snort -Xev {-i} eth#
 * -X Display the full packet details in hex.
    - The -X option implicitly includes -v and -d, because it outputs the packet payload in a detailed format with both hex and ASCII representations.
    - The -e option is not covered by -X: it specifically adds the link-layer headers, which are not part of the payload dump.

 * Use Case: Provides the most granular detail for packet inspection, including headers and payload, in both raw and human-readable formats.
