Snort mailing list archives

Snort cann't check LOIC

From: 刘强 <liuqiang40 () 163 com>
Date: Sat, 19 Nov 2016 16:45:25 +0800 (CST)



Hi，

We use the LOIC tool to test the snort with the latest rule set (snortrules-snapshot-2983).
However, snort didn't generate the alert.
Could you please help check it?


BR/Barnabas



At 2016-11-19 12:14:40, "Joel Esler (jesler)" <jesler () cisco com> wrote:

Which rules are you trying to trigger?

--
Sent from my iPhone

On Nov 18, 2016, at 10:12 PM, 刘强 <liuqiang40 () 163 com> wrote:


Hi,

We need show a demo to our customer the IDS ability of snort.


Where can I find some pcap samples to trigger the rules?

Thanks a lot.






在 2016-11-18 00:06:43，"Joel Esler (jesler)" <jesler () cisco com> 写道：
It doesn’t.  Suricata cannot load Snort’s Dynamic Ruleset.  




--
Joel Esler | Talos: Manager | jesler () cisco com











On Nov 16, 2016, at 9:58 PM, 刘强 <liuqiang40 () 163 com> wrote:


Hi,

How can I use the latest suricata to load the latest snort dynamic rules (so_rules)?

Thanks a lot.





超大附件列表‍
snortrules-snapshot-2983.tar[205.6MB]‍
进入下载页面



 

------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

http://www.snort.org

Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Attachment: loic2.pcap
Description:

------------------------------------------------------------------------------

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

http://www.snort.org

Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Current thread:

How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 17)
- Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 17)
  - Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
    - Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 18)
    - Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
    - Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 21)
    - Snort cann't check LOIC 刘强 (Nov 22)
    - Re: Snort cann't check LOIC lists (Nov 22)
    - Re: Snort cann't check LOIC lists (Nov 22)
    - Re: Snort cann't check LOIC Joel Esler (jesler) (Nov 22)