![snort logo](/images/snort-logo.png)
Snort mailing list archives
Re: difficulties in alert generation
From: "Nick Oliver" <nwoliver () internetsecurityguru com>
Date: Tue, 7 Oct 2003 20:24:33 -0500
The answer is, yes, the simplest way to generate alerts is to attack your own sensor.Try installing Nessus http://www.nessus.org/ . You can use it to attack your network for alerts only or you can enable the "dangerous" plugins and really get some action. nwo ----- Original Message ----- From: santosh reddy To: snort-ml () faceit com ; snort-users () lists sourceforge net Sent: Tuesday, October 07, 2003 6:49 PM Subject: [Snort-users] difficulties in alert generation Hello all...i am new to snort...in three weeks..i was able to install snortsuccessfully and i tested snort using some basic rulesfor which i got alerts in the ACID page...now...i set the rule files in the snort.conf file (icommented out the rule files) but i am not getting anyreal alerts....i am able to log the packets into a file but until andunless we have the alerts (i.e alert packets) we cantdifferenciate between the bad data and good data...sohow can i generate alerts using the existing rulesets...do we have to work on the internet for a longtime(like opening websites or pornsites) when snort isrunning.suggest me some method to generate data with theabnormalities...do we hav to attack our own network...and if yes howdo we do that?the final thing is ...i want to generate real timealerts and i want to log data and analyze that data...please mail me as soon as possible...thanking youregardsSantosh Bethi Yahoo! India Matrimony: Find your partner online. Post your profile.
Current thread:
- difficulties in alert generation santosh reddy (Oct 07)
- Re: difficulties in alert generation Nick Oliver (Oct 07)
- Re: difficulties in alert generation risc (Oct 07)
- Re: difficulties in alert generation Nick Oliver (Oct 07)