[Snort-users] Testing snort
dr at ...381...
Thu Sep 6 13:27:02 EDT 2001
4.18 --faq-- --snort-- --faq-- --snort-- --faq-- --snort-- --faq--
Q: How do I test snort alerts and logging?
A: Try a rule that will fire off all the time like:
alert tcp any any -> any any (msg:"TCP traffic";)
On Thu, 06 Sep 2001, Travis Farmer wrote:
> What is the best (and easiest) way to test snort?
> I am using the ruleset from the snort downloads page (with the addition of a
> ftp check for root login).
> i wan't to check the alert recording. (viewable via snortreport)
> I have tried a few things (from a remote winblows machine) but i can't seem
> to cause an alert.
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
Dragos Ruiu <dr at ...50...> dursec.com ltd. / kyx.net - we're from the future
gpg/pgp key on file at wwwkeys.pgp.net or at http://dursec.com/drkey.asc
More information about the Snort-users