Snort mailing list archives
Re: snort signature simulation tools
From: security () jonbaer net
Date: Mon, 28 Jun 2004 08:01:58 -0400
Maybe the viruses that allowed them to be created in the first place? ;-) There is a tool "snot" which Im not sure if its still up-to-date w/ the latest Snort and you can probably use tcpreplay for simulation. Nemesis is also a great tool. Google the 3 and you can come up w/ something. With some signatures its a matter of just using the payload while others you need to adjust per sig. - Jon On Mon, Jun 28, 2004 at 12:22:32AM -0700, praveen kundurthi wrote:
Can anyone let me know if there are any tools which simulate the signatures (Rules with documentation) in the snort.. Or some code snippets which simulate these signatures Regards
-- pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort signature simulation tools praveen kundurthi (Jun 28)
- Re: snort signature simulation tools security (Jun 28)