Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort rule policy

From: "Jeff Feng" <jianhua () us ibm com>
Date: Wed, 19 Oct 2016 12:51:34 -0500

Hi,

Do anyone have experience on using OWSAP ZAP tool test against target with
Snort installed ?

I'm using ZAP tool (
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) to test the
target which I have snort installed.
The goal is to find same or similar alerts in Snort with the alerts
reported by ZAP.
I'm using snort rules generated by pulledpork with "ips_policy=security"
setting in pulledpork.conf

I'm not able to catch all attacks ZAP sending out.  I'm wondering if the
snort rules I'm using are good enough with level of 'ips_policy=security'

Any feedback/recommendations are appreciated.

-Jeff


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: