Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Testing snort

From: gary.smith () ScottishAmicable co uk
Date: Fri, 7 Sep 2001 09:09:07 +0100
What is the best (and easiest) way to test snort?
I am using the ruleset from the snort downloads page (with the addition of

a 

ftp check for root login).
i wan't to check the alert recording. (viewable via snortreport)


You could try running SNOT which generates packets based on SNORT rulesets,
this would allow you to test _all_ of your rules are being triggered.

http://www.sec33.com/sniph/

Its billed as an attack tool but it shoud give your probes a workout as well
;>

--Gary;


**********************************************************************
Information contained herein is the sole responsibility of the Individual
sending the message. No responsibility is admitted by Scottish Amicable
for any loss or damage incurred through use of the email. In addition, no
statement should be construed as giving investment advice within or
outside the United Kingdom.
An email reply to this address may be subject to interception or monitoring
for operational reasons or for lawful business practices.
*********************************************************************

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: