[Snort-sigs] Snort cann't check LOIC

刘强 liuqiang40 at ...1318...
Sat Nov 19 03:45:25 EST 2016


We use the LOIC tool to test the snort with the latest rule set (snortrules-snapshot-2983).
However, snort didn't generate the alert.
Could you please help check it?


At 2016-11-19 12:14:40, "Joel Esler (jesler)" <jesler at ...3865...> wrote:

Which rules are you trying to trigger?

Sent from my iPhone

On Nov 18, 2016, at 10:12 PM, 刘强 <liuqiang40 at ...1318...> wrote:


We need show a demo to our customer the IDS ability of snort.

Where can I find some pcap samples to trigger the rules?

Thanks a lot.

在 2016-11-18 00:06:43,"Joel Esler (jesler)" <jesler at ...3865...> 写道:
It doesn’t.  Suricata cannot load Snort’s Dynamic Ruleset.  

Joel Esler | Talos: Manager | jesler at ...3865...

On Nov 16, 2016, at 9:58 PM, 刘强 <liuqiang40 at ...1318...> wrote:


How can I use the latest suricata to load the latest snort dynamic rules (so_rules)?

Thanks a lot.



Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net


Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20161119/aadac386/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: loic2.pcap
Type: application/octet-stream
Size: 9841278 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20161119/aadac386/attachment.obj>

More information about the Snort-sigs mailing list