Alert_SMB

["Scott Elgram" <SElgram () verifpoint com>]

    I have been trying to get SMB alerts to work with my snort.  I have it running on RH9 and for testing purposes I 
have 1 rule file active;

output alert_smb: workstation.list (which contains only my workstation)
alert icmp any any -> 192.168.0.8 any (msg: "Ping!";)

I can't get it to work, I feel as though I am missing something but I don't know what.  help!

-Scott Elgram
IT/Systems Support