[Snort-devel] Testing my own rules/signatures on pcap file
beenish.raza at ...445...
Sun Dec 22 12:50:29 EST 2013
I have a set of rules in a text file and I want to check if the given pcap file contains any signatures/rules from those text file of rules.
I have run this command to use pcap file
snort -r trace.pcap
but how do I specifiy the rules file which I want to use?
Secondly, is there any way that I can generate a pcap file from a given ruleset?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel