Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort signature simulation tools

From: security () jonbaer net
Date: Mon, 28 Jun 2004 08:01:58 -0400
Maybe the viruses that allowed them to be created in the first place? ;-)

There is a tool "snot" which Im not sure if its still up-to-date w/ the 
latest Snort and you can probably use tcpreplay for simulation.  Nemesis 
is also a great tool.  Google the 3 and you can come up w/ something.  
With some signatures its a matter of just using the payload while others 
you need to adjust per sig.

- Jon

On Mon, Jun 28, 2004 at 12:22:32AM -0700, praveen kundurthi wrote:

Can anyone let me know if there are any tools which
simulate the signatures (Rules with documentation) in
the snort..
Or some code snippets which simulate these signatures

Regards


-- 
pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: