Snort mailing list archives
Re: [YOUTUBE] Teo En Ming's Snort IDS Sensor in Action
From: James Lay <jlay () slave-tothe-box net>
Date: Tue, 08 Apr 2014 12:08:25 -0600
On 2014-04-08 11:41, Teo En Ming wrote:
Dear List, Please go to Youtube and watch my video of Snort IDS sensor in action! The Youtube link is as follows: http://www.youtube.com/watch?v=NVqlxBJYUj4 [1] Watch how I added a ICMP packet detection rule in icmp.rules, went to http://grc.com [2] to port scan my public IP address, and the ICMP packet snort rule firing off. Dear Joel, Could you publish my Youtube video on http://www.snort.org/docs [3]? Dear James Lay, Since my ICMP packet snort rule fired off when I initiate a port scan against my public IP from http://grc.com [4], do you consider my Snort IDS sensor to be fully operational? Regards, Teo En Ming
Teo, I would consider that the core functionality of snort is working. I would now go into the tuning phase...verify all private/public IP's that you own/manage are in HOME_NET...identify server ports in use and start adding them in (SMTP, HTTP, MSSQL, etc...). James ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- [YOUTUBE] Teo En Ming's Snort IDS Sensor in Action Teo En Ming (Apr 08)
- Re: [YOUTUBE] Teo En Ming's Snort IDS Sensor in Action James Lay (Apr 08)