[Snort-users] Testing Snort

Amit B amn0p at ...14399...
Sun Mar 4 13:59:50 EST 2012


Thanks everyone. 


On Mar 4, 2012, at 12:57, Martin Holste <mcholste at ...11827...> wrote:

> I have a short how-to in a previous blog post of mine here:
> http://ossectools.blogspot.com/2011/04/network-intrusion-detection-systems.html
> under the section "Detecting Packet Drops."
> 
> On Sun, Mar 4, 2012 at 12:43 PM, Heine Lysemose <lysemose at ...11827...> wrote:
>> Hi
>> 
>> Try adding this to your local.rules
>> 
>> alert tcp any any <> any 80 (msg: "Test rule"; sid: 1000001;)
>> 
>> And start browsing a webpage.
>> 
>> Or try browsing to, http://testmyids.com
>> 
>> /Lysemose
>> 
>> On Mar 4, 2012 7:19 PM, "Amit B" <amn0p at ...14399...> wrote:
>>> 
>>> I have a few sensors that are sending alerts and a few not alerting at
>>> all. Is there a way of running certain tests to make sure Snort is running
>>> properly. I am aware of command line switch option to check on configuration
>>> but I want to tip off a few rules, so rules deliberately. Can you please
>>> suggest.
>>> 
>>> Thanks,
>>> Ams
>>> 
>>> 
>>> 
>>> ------------------------------------------------------------------------------
>>> Virtualization & Cloud Management Using Capacity Planning
>>> Cloud computing makes use of virtualization - but cloud computing
>>> also focuses on allowing computing to be delivered as a service.
>>> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>>> _______________________________________________
>>> Snort-users mailing list
>>> Snort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:
>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:
>>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>> 
>>> Please visit http://blog.snort.org to stay current on all the latest Snort
>>> news!
>> 
>> 
>> ------------------------------------------------------------------------------
>> Virtualization & Cloud Management Using Capacity Planning
>> Cloud computing makes use of virtualization - but cloud computing
>> also focuses on allowing computing to be delivered as a service.
>> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>> 
>> Please visit http://blog.snort.org to stay current on all the latest Snort
>> news!




More information about the Snort-users mailing list