Snort mailing list archives

Re: plz help

From: shashank.joshi () tcs com
Date: Wed, 14 Jul 2004 21:02:51 +0530

u can get hold of nessus and scan ur snort host or any other box on the 
intranet (the traffic should be visible to snort though) this can raise 
thousands of alerts .

or if you are interested in only seeing some alerts in ACID, write a small 
rule to catch all tcp traffic in "local.rules" file and restart snort. (be 
sure to remove this rule once u r satisfied :) )

good luck!


shashank

"it's difficult to improve perfection !"




"Chandana Bandara" <chandana () dialogsl net> 
Sent by: snort-users-admin () lists sourceforge net
07/14/2004 04:49 PM

Please respond to
"Chandana Bandara" <chandana () dialogsl net>


To
<snort-users () lists sourceforge net>
cc

Subject
[Snort-users] plz help






hi , 
 
I have installed snort perfectly in Red Hat Linux 9 box.ACID url runs on 
the browser.
i used ping command with huge paccket sizes to that snort server. But 
there was no any alerts in the ACID. 
 
So tell me , how do i check this from other clients ?
 
plz help
 
thanx in advance
chandana 
ForwardSourceID:NT00005406

Attachment: InterScan_Disclaimer.txt
Description:

Current thread:

plz help Chandana Bandara (Jul 14)
- Re: plz help shashank . joshi (Jul 14)
- <Possible follow-ups>
- RE: plz help Harper, Patrick (Jul 14)
- RE: plz help Nick Duda (Jul 14)
  - Re: plz help Chandana Bandara (Jul 15)
- RE: plz help Nick Duda (Jul 15)