Snort mailing list archives
Re: plz help
From: shashank.joshi () tcs com
Date: Wed, 14 Jul 2004 21:02:51 +0530
u can get hold of nessus and scan ur snort host or any other box on the intranet (the traffic should be visible to snort though) this can raise thousands of alerts . or if you are interested in only seeing some alerts in ACID, write a small rule to catch all tcp traffic in "local.rules" file and restart snort. (be sure to remove this rule once u r satisfied :) ) good luck! shashank "it's difficult to improve perfection !" "Chandana Bandara" <chandana () dialogsl net> Sent by: snort-users-admin () lists sourceforge net 07/14/2004 04:49 PM Please respond to "Chandana Bandara" <chandana () dialogsl net> To <snort-users () lists sourceforge net> cc Subject [Snort-users] plz help hi , I have installed snort perfectly in Red Hat Linux 9 box.ACID url runs on the browser. i used ping command with huge paccket sizes to that snort server. But there was no any alerts in the ACID. So tell me , how do i check this from other clients ? plz help thanx in advance chandana ForwardSourceID:NT00005406
Attachment:
InterScan_Disclaimer.txt
Description:
Current thread:
- plz help Chandana Bandara (Jul 14)
- Re: plz help shashank . joshi (Jul 14)
- <Possible follow-ups>
- RE: plz help Harper, Patrick (Jul 14)
- RE: plz help Nick Duda (Jul 14)
- Re: plz help Chandana Bandara (Jul 15)
- RE: plz help Nick Duda (Jul 15)