Snort mailing list archives

Snort rules Commented


From: "Asad, Hafiz ul" <Hafiz-ul.Asad () city ac uk>
Date: Tue, 17 May 2016 14:55:16 +0000

Hi Snort users,

I have been using Snort for the last couple of months. I have been trying to do some evasion tests but was not getting
any alerts. Then I realized that most of the alerts in the "snort.rules" (which I downloaded using pulledpork) were
commented out. After uncommenting all the rules, I am now getting alerts for different evasion tests. Is this the right
approach to use Snort with registered and community rules?


asad



Hafiz ul Asad

Research Assistant

Center for Software Reliability

School of Mathematics,  Computer Science & Engineering

City University London, EC1V 0HB London

Tel : +44 (0) 20 7040 8422