Snort mailing list archives
Re: (no subject)
From: Alberto Gonzalez <albertg () wwjh net>
Date: Tue, 18 Mar 2003 03:39:58 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 18 Mar 2003, ryan stangl wrote:
Hello
{ yawn... } Morning.
I am currently working on a side project at work, which includes learning all there is to know about snort and snot. I am curious if anyone has directions, or could explain in basic english how to use snort. It seems to me that while I am sure it is very easy, like you say, it is very convoluted with rules and computer jargon, which makes if difficult for me to grasp the basics of snort. If someone could just get me started maybe give me a few really common simple rules that you use often and fill me in that would be great. I have it loaded already and understand what it is and how it works, I just need help getting it started and functional, and then able to read the results. Anyhelp on this would be much appreciated, but please make it simple, as I have read numerous sites about it already and still don't understand a lot.
Well, you have alot of reading to do if the basics of snort seem difficult. May i suggest heading here[1] and reading the "studying Normal Traffic" series Evaulating IDS signatures series and the others.. use this site to your advantage. Cheers!
Thanks Ryan
Cheers, Alberto Gonzalez [1] - http://www.securityfocus.com/cgi-bin/sfonline/ids_topics.pl PS: there are also a few books on IDS'es.. Cheers - -- "Success comes to the person who does today, what you are thinking of doing tomorrow." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+dttia3vAB/3yp/IRAssvAJ9C9FlqkUa1w9CiEsp3oFM+RODuCgCg0a5T Cbf4ZrgtDRpfWkznBDLzMnE= =POJt -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- (no subject), (continued)
- (no subject) abhi naik (Feb 14)
- Re: (no subject) Charles Darwin (Feb 16)
- RE: (no subject) Michael Steele (Feb 16)
- (no subject) jcosta (Feb 27)
- Re: (no subject) Erek Adams (Feb 27)
- Re: (no subject) Erick Mechler (Feb 27)
- (no subject) Comcast (Mar 02)
- Re: (no subject) Erek Adams (Mar 03)
- (no subject) Motif (Mar 07)
- (no subject) ryan stangl (Mar 17)
- Re: (no subject) Alberto Gonzalez (Mar 18)
- (no subject) aalbert (Mar 25)
- (no subject) Ken Bell (Mar 27)
- Adobe's Ducky Adam Shephard (Mar 27)
- (no subject) abhi naik (Feb 14)