Snort mailing list archives
Re: need some attacks to test snort
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Fri, 20 Apr 2007 01:08:29 -0500
Nessus will do that, he just mentioned that if your curently reciving ICMP alerts then you know Snort is runing. You also look might look at metasploit.
-----Original Message----- From: snort-users-bounces () lists sourceforge net [mailto:snort-users- bounces () lists sourceforge net] On Behalf Of Fossil Sent: Friday, April 20, 2007 12:43 AM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] need some attacks to test snort Thank you Joel Sure, I will try BASE. About the ICMP, ya thats true but i want to study more about how this rules get fired and how attacks are made, so i was looking for more attacks for my understanding and learning about the network security. so if you have more info regarding where i can download those codes i will more than helpful. best regards fossil Fossil, #1 -- Don't use ACID, use BASE. http://base.secureideas.net #2 -- You can use something like nessus to make Snort alert to make sure it's generating alerts, however, if you already receiving ICMP alerts, then you know it working properly. Joel +---------------------------------------------------------------------+ Joel Esler Security Consultant gpg key: http://demo.sourcefire.com/jesler.pgp.key +---------------------------------------------------------------------+ On Apr 19, 2007, at 9:43 PM, Fossil wrote:Hello every one i have installed snort and Acid now i need some attacks - code by which i can check snort. i mean some example code, script by running that on other machine, the snort generates alert. is there a site where i can download some attacks for testing purpose. i have the ICMP or ping based attacks but i want other ones. is there a source where i can download that code any help will be appreciated Thanks and regards fossil________________________________ Ahhh...imagining that irresistible "new car" smell? Check out new cars at Yahoo! Autos. <http://us.rd.yahoo.com/evt=48245/*http://autos.yahoo.com/new_cars.html ;_ylc=X3oDMTE1YW1jcXJ2BF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDbmV3LWNhc nM->
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- need some attacks to test snort Fossil (Apr 19)
- Re: need some attacks to test snort Joel Esler (Apr 19)
- <Possible follow-ups>
- Re: need some attacks to test snort Fossil (Apr 19)
- Re: need some attacks to test snort Patrick S. Harper (Apr 19)
- Re: need some attacks to test snort Benjamin Small (Apr 22)
- Re: need some attacks to test snort Joel Esler (Apr 22)
- Re: need some attacks to test snort Patrick S. Harper (Apr 19)