Snort mailing list archives
Re: Snort signautures
From: Erick Mechler <emechler () techometer net>
Date: Fri, 28 Feb 2003 10:10:30 -0800
:: My first question is, where can I find documentation on determining what :: the signatures I receive mean? http://www.snort.org/snort-db/ is your friend. You can lookup by sid or just browse through. :: Secondly are there a number of commands that I should use to tell Snort :: to start monitoring? How do I perform a port scan? The docs above will show you how to startup snort on the CLI. Next question, port scanning isn't what snort does, you're going to want a tool like nmap which you can get from http://www.insecure.org/nmap/. :: Thirdly I downloaded a front end for my Snort system. The file is :: called idscenter.zip. http://www.packx.net/ is the main distribution site for IDSCenter. :: I would really appreciate any kind of feedback. I am at the moment only :: a novice but have been reading a lot about Snort and want to find out :: more. Great, snort is a fantastic program sure to make you scratch your head once or twice :) Just remember to look over the docs at www.snort.org/docs/ (including the list archives at http://marc.theaimsgroup.com/?l=snort-users) carefully; chances are, if you're asking a configuration question, it's been answered before. Cheers - Erick ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort signautures SUDAGER BILKHU (Feb 28)
- Re: Snort signautures Erick Mechler (Feb 28)
- Re: Snort signautures Erek Adams (Feb 28)
- Re: Snort signautures (understanding snort output) Matt Kettler (Feb 28)