Snort testing with Snot

["Kelly Mandrake" <atapi103 () hotmail com>]

Hi, I have tested snort in sniffer mode, and packet logging mode, with 
sucess.  I would like to generate some alerts in IDS mode so I can determine 
if it is working corectly.

Upon researching I determined that snot can cause these alerts, however 
useing the FAQ for snort, I also determined that preprocessor stream4 
prevents snot atacks.

- I am running Windows 98 SE, Ver: 4.10.2222
- with snort Ver: 1.8.7 beta5-ODBC-Win32 (build 128) for Windows

I used snot to send 2 random atacks
source: 24.x.x.x/32
dest:   24.x.x.x/32

Snot reported the sending of both atacks, however upon viewing Alert.ids, it 
was empty....

I have two questions:

1) Is my alert.ids file empty because stream4 blocked the snot atacks?
2) Is there some way I can generate alerts for Snot, from my computer?  I 
only have one computer, thus it is not possible for me to use another 
computer to launch my atacks.

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users