[Snort-users] signature testing (win32)
mkettler at ...4108...
Tue Sep 10 17:37:03 EDT 2002
you can use pings and turn on the icmp_info.rules file (with several ping
detecting rules in it) if you just want to verify you're seeing traffic.
Not a very substantial test, but verifies you see the traffic.
At 12:06 AM 9/11/2002 +0000, netsec novice wrote:
>Have SNORT/ACID set up and would like to verify that I'm detecting traffic
>on required subnets. I have seen reference to a tool called 'sneeze' that
>will generate false alarms but I have not been able to find it. Is there
>another way I can verify my setup by creating alerts that won't be destructive?
More information about the Snort-users