Re: difficulties in alert generation

["Nick Oliver" <nwoliver () internetsecurityguru com>]

The answer is, yes, the simplest way to generate alerts is to attack your own sensor.Try installing Nessus 
http://www.nessus.org/ . You  can use it to attack your network for alerts only or you can enable the "dangerous" 
plugins and really get some action.
nwo
  ----- Original Message ----- 
  From: santosh reddy 
  To: snort-ml () faceit com ; snort-users () lists sourceforge net 
  Sent: Tuesday, October 07, 2003 6:49 PM
  Subject: [Snort-users] difficulties in alert generation


Hello all...i am new to snort...in three weeks..i was able to install snortsuccessfully and i tested snort using some 
basic rulesfor which i got alerts in the ACID page...now...i set the rule files in the snort.conf file (icommented out 
the rule files) but i am not getting
 anyreal alerts....i am able to log the packets into a file but until andunless we have the alerts (i.e alert packets) 
we cantdifferenciate between the bad data and good data...sohow can i generate alerts using the existing rulesets...do 
we have to work on the internet for a longtime(like opening websites or pornsites) when snort isrunning.suggest me some 
method to generate data with theabnormalities...do we hav to attack our own network...and if yes howdo we do that?the 
final thing is ...i want to generate real timealerts and i want to log data and analyze that data...please mail me as 
soon as possible...thanking youregardsSantosh Bethi 

  Yahoo! India Matrimony: Find your partner online. Post your profile.