Re: Generating SSHD Alerts

["Scott Taylor" <scottt () soccer com>]

You can do this one:
Add this line to your local.rules file.

alert tcp any any -> any any (msg:"TCP traffic";)




---- Begin Original Message ----

From: kpawloski () juno com
Sent: Tue, 19 Mar 2002 21:06:53 GMT
To: Snort-users () lists sourceforge net
Subject: [Snort-users] Generating SSHD Alerts


OK, so I'll admit this is a newbie related
question.

Right now I have one snort sensor installed
behind a heaving ACL'd network so traffic behind
my firewall is rather quiet alert wise. How can
I generate some alerts on my own to make sure my
rules aren't whacked? I have a bastion box that
I was thinking I can try and set off some false
SSH alerts on my own. Any ideas?

Thanks in advance.

Kevin




_________________________________________________
_______________
GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for
less!
Join Juno today!  For your FREE software, visit:
http://dl.www.juno.com/get/web/.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snor
t-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?
list=snort-users


---- End Original Message ----



THERE IS ONLY ONE...
SOCCER.COM, The Center of the Soccer Universe
http://www.soccer.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users