[Snort-devel] Testing my own rules/signatures on pcap file

Beenish Raza beenish.raza at ...445...
Sun Dec 22 12:50:29 EST 2013


I have a set of rules in a text file and I want to check if the given pcap file contains any signatures/rules from those text file of rules.
I have run this command to use pcap file
snort -r    trace.pcap
but how do I specifiy the rules file which I want to use?
Secondly, is there any way that I can generate a pcap file from a given ruleset?


 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20131222/591abeac/attachment.html>


More information about the Snort-devel mailing list