[Snort-users] Test traffic

Tony Robinson deusexmachina667 at ...11827...
Tue Feb 19 20:26:43 EST 2013


Sorry, meant to reply-all on this.

On Tue, Feb 19, 2013 at 8:26 PM, Tony Robinson
<deusexmachina667 at ...11827...>wrote:

> What I usually do for snort installs I'm testing via autosnort is throw an
> Armitage "Hail Mary" against a set of vulnerable machines. Vulnerable
> virtual machines are a dime a dozen. http://vulnhub.com/ has a list of
> vulnerable virtual machines, but for my testing, I have metasploitable 2
> and OWASP BWA virtual machines. I place a virtual machine running snort in
> the same virtual network, and a backtrack VM on the same virtual
> network/vswitch and just throw Armitage's "Hail Mary" with exploit ranking
> set to "low". Snort will pick up a lot of things, as there is some truly
> nasty traffic going across the wire.
>
>
> On Tue, Feb 19, 2013 at 1:51 PM, Heine Lysemose <lysemose at ...11827...>wrote:
>
>> Hi
>>
>> Here's a list of PCAPs you can replay on your snort monitoring interface.
>>
>> https://code.google.com/p/security-onion/wiki/Pcaps
>>
>> /Lysemose
>> On Feb 19, 2013 6:44 PM, "Josh Bitto" <jbitto at ...16055...> wrote:
>>
>>> I had really good results with this….****
>>>
>>> ** **
>>>
>>> http://www.radmin.com/download/previousversions/portscanner.php****
>>>
>>> ** **
>>>
>>> ** **
>>>
>>> ** **
>>>
>>> *From:* Yonas Abebe [mailto:jonasabebe at ...11827...]
>>> *Sent:* Tuesday, February 19, 2013 9:39 AM
>>> *To:* snort-users at lists.sourceforge.net
>>> *Subject:* [Snort-users] Test traffic****
>>>
>>> ** **
>>>
>>> Hi,****
>>>
>>> ** **
>>>
>>> I tested Snort with ICMP packets and nmap scans and it works. But I want
>>> to test it more.Is there some way that I can find some traffic containing
>>> malicious codes that Snort can detect or block?****
>>>
>>> ** **
>>>
>>> Thanks for the help!****
>>>
>>> ** **
>>>
>>> -jonas****
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Everyone hates slow websites. So do we.
>>> Make your web apps faster with AppDynamics
>>> Download AppDynamics Lite for free today:
>>> http://p.sf.net/sfu/appdyn_d2d_feb
>>> _______________________________________________
>>> Snort-users mailing list
>>> Snort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:
>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:
>>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>>
>>> Please visit http://blog.snort.org to stay current on all the latest
>>> Snort news!
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> Everyone hates slow websites. So do we.
>> Make your web apps faster with AppDynamics
>> Download AppDynamics Lite for free today:
>> http://p.sf.net/sfu/appdyn_d2d_feb
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
>
> --
> when does reality end? when does fantasy begin?




-- 
when does reality end? when does fantasy begin?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130219/8d3b5713/attachment.html>


More information about the Snort-users mailing list