Re: Snort signautures

[Erick Mechler <emechler () techometer net>]

:: My first question is, where can I find documentation on determining what
:: the signatures I receive mean?

http://www.snort.org/snort-db/ is your friend.  You can lookup by 
sid or just browse through.

:: Secondly are there a number of commands that I should use to tell Snort
:: to start monitoring?  How do I perform a port scan?

The docs above will show you how to startup snort on the CLI.  Next
question, port scanning isn't what snort does, you're going to want a tool 
like nmap which you can get from http://www.insecure.org/nmap/.

:: Thirdly I downloaded a front end for my Snort system.  The file is
:: called idscenter.zip.

http://www.packx.net/ is the main distribution site for IDSCenter.

:: I would really appreciate any kind of feedback.  I am at the moment only
:: a novice but have been reading a lot about Snort and want to find out
:: more.

Great, snort is a fantastic program sure to make you scratch your head once
or twice :)  Just remember to look over the docs at www.snort.org/docs/
(including the list archives at http://marc.theaimsgroup.com/?l=snort-users)
carefully; chances are, if you're asking a configuration question, it's 
been answered before.

Cheers - Erick


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users