[Snort-users] [YOUTUBE] Teo En Ming's Snort IDS Sensor in Action
jlay at ...13475...
Tue Apr 8 14:08:25 EDT 2014
On 2014-04-08 11:41, Teo En Ming wrote:
> Dear List,
> Please go to Youtube and watch my video of Snort IDS sensor in
> The Youtube link is as follows:
> http://www.youtube.com/watch?v=NVqlxBJYUj4 
> Watch how I added a ICMP packet detection rule in icmp.rules, went to
> http://grc.com  to port scan my public IP address, and the ICMP
> packet snort rule firing off.
> Dear Joel,
> Could you publish my Youtube video on http://www.snort.org/docs ?
> Dear James Lay,
> Since my ICMP packet snort rule fired off when I initiate a port scan
> against my public IP from http://grc.com , do you consider my
> IDS sensor to be fully operational?
> Teo En Ming
I would consider that the core functionality of snort is working. I
would now go into the tuning phase...verify all private/public IP's that
you own/manage are in HOME_NET...identify server ports in use and start
adding them in (SMTP, HTTP, MSSQL, etc...).
More information about the Snort-users