[Snort-users] way for test snort ?

payothlh payothlh at ...5786...
Thu May 22 14:50:15 EDT 2003


Hi gang,

I have installed Snort-Acid-Mysql-etc ....etc..... on Solaris9

All is OK and I am very happy with.

But now, I must test it quickly.
What is the best way for that ?
How do you test  effectively each rules in a quick way ?

I had a look on the prog snot but I haven't very confidence for adopt it 
quickly without have a look on the source code quickly.

As second query, how do you phohibit the usage of prog as snot by an 
internal user ?
He can generate several thousands alert just for fun.
Of course, as it's an internal user, it's possible to go see it directly.
But, is there an protection for this if the type of Denial Of Service 
was made by an external user ( or an external user spoofing an internal 
user ) ?

Thanks in advance for your answers and councils.

Guillaume





More information about the Snort-users mailing list