Snort mailing list archives
PCAP samples to test Snort rules (community and subscriber)
From: Pat <pkugrinas () gmail com>
Date: Wed, 3 Aug 2016 19:39:17 +0300
Hello,

We're working on an automated binary analysis platform which captures traffic and runs Snort/Suricata on the resulting .pcap. With the recently purchased rule subscription I was wondering if there are any recommended ways to test some of the rules' functionality. Partly because I'm not completely certain I've got all the configuration bits right.. and it'd be great to see them in action in general.

I found some repositories containing malicious traffic PCAP samples, notably the ones from various CTFs and contagio. Is there anything else I can try to really make sure to trigger them?

Thanks,
-p