[Snort-sigs] Rules test utility

erlacher at campus.uni-paderborn.de erlacher at campus.uni-paderborn.de
Wed Jul 11 08:01:11 EDT 2018


I generated a network trace containing thousands of attack patterns,
available here
www.ccs-labs.org/~erlacher/resources/genesids/genesidsAttackTrace.pcapng
Might be an overkill in your case but will definitely do the job, with
an up-to-date rule set you will get MANY alerts.
Labels and more info on how this trace is created can be found here:
www.ccs-labs.org/~erlacher/resources/, look for the GENESIDS entry.

regards

felix

On 10/07/18 19:50, Al Lewis (allewi) via Snort-sigs wrote:
> Any security scanner will do. ☺
> 
>  
> 
>  
> 
> *Albert Lewis*
> 
> ENGINEER.SOFTWARE ENGINEERING
> 
> Cisco Systems Inc.
> 
> Email: allewi at cisco.com <mailto:allewi at cisco.com> 
>  
> 
>  
> 
> *From: *Snort-sigs <snort-sigs-bounces at lists.snort.org> on behalf of
> PERRON André <aperron at alouette.qc.ca>
> *Date: *Tuesday, July 10, 2018 at 1:41 PM
> *To: *"'snort-sigs at lists.snort.org'" <snort-sigs at lists.snort.org>
> *Subject: *[Snort-sigs] Rules test utility
> 
>  
> 
> Hello,
> 
>  
> 
> I have installed and configured Snort (in alert mode) on my pfSense HA
> system.
> 
> Now I would like to verify that Snort is working properly.
> 
> Is there a utility that I could use that simulates attacks that would be
> trapped by Snort and prove my setup is working ?
> 
>  
> 
> Thank you,
> 
>  
> 
>  
> 
> *André Perron*
> Administrateur de réseau
> Aluminerie Alouette Inc.
> 400 Chemin de la Pointe Noire
> Sept-Iles, Québec
> Canada
> G4R 5M9
> (418) 964-7000 ext. 7232
> 
>  
> 
> 
> 
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.snort.org
> https://lists.snort.org/mailman/listinfo/snort-sigs
> 
> Please visit http://blog.snort.org for the latest news about Snort!
> 
> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
> 
> Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
> 

-- 
Felix Erlacher

ccs-labs.org/~erlacher
Key-ID:4EAC0959

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20180711/395eef93/attachment.sig>


More information about the Snort-sigs mailing list