[Snort-users] plz help

shashank.joshi at ...12070... shashank.joshi at ...12070...
Wed Jul 14 08:36:25 EDT 2004


u can get hold of nessus and scan ur snort host or any other box on the 
intranet (the traffic should be visible to snort though) this can raise 
thousands of alerts .

or if you are interested in only seeing some alerts in ACID, write a small 
rule to catch all tcp traffic in "local.rules" file and restart snort. (be 
sure to remove this rule once u r satisfied :) )

good luck!


shashank

"it's difficult to improve perfection !"




"Chandana Bandara" <chandana at ...12108...> 
Sent by: snort-users-admin at lists.sourceforge.net
07/14/2004 04:49 PM

Please respond to
"Chandana Bandara" <chandana at ...12108...>


To
<snort-users at lists.sourceforge.net>
cc

Subject
[Snort-users] plz help






hi , 
 
I have installed snort perfectly in Red Hat Linux 9 box.ACID url runs on 
the browser.
i used ping command with huge paccket sizes to that snort server. But 
there was no any alerts in the ACID. 
 
So tell me , how do i check this from other clients ?
 
plz help
 
thanx in advance
chandana 
ForwardSourceID:NT00005406 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040714/85ab4e49/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: InterScan_Disclaimer.txt
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040714/85ab4e49/attachment.txt>


More information about the Snort-users mailing list