Snort mailing list archives

Re: Rules question


From: neil ramsarran <neilramsarran () hotmail com>
Date: Sun, 4 Dec 2016 23:47:19 +0000

Has anyone figured out how to run the win practice file on Snort? I'm having difficulty with Windows 10 and am looking
for some guidance on this assignment.


Thanks

Neil


________________________________
From: lists () packetmail net <lists () packetmail net>
Sent: Thursday, December 1, 2016 9:06 PM
To: snort-sigs () lists sourceforge net
Subject: Re: [Snort-sigs] Rules question

On 12/01/16 20:03, lists () packetmail net wrote:
> On 12/01/16 19:43, neil ramsarran wrote:
>> I'm having the same problem, I cannot seem to get the assignment done with
>> running winpractice txt file on the snort. Any help will be highly appreciated
>
> I'm dealing with this as well, if you look on page #203 there is a diagram that
> shows how to correctly implement it.  So in paragraph 3, sentence 5, on page
> #215 it demonstrates this a bit BUT I would assert the problem is running into
> RFC 1918.  If you look down, Diagram #6, they've scoped HOME_NET and
> EXTERNAL_NET on the same /16 and defined it as that.  *clears throat while
> drawing on the chalkboard* as we all know *puts monocle on* 192.168.1.5 and
> 192.168.10.2 sit on that same broadcast domain so it's probably not crossing a
> Layer 3 boundary and capturing on the local interface doesn't show IDS
> traversal.  This seems to be a book editing issue.


Sorry for the back to back post, if you guys want to meet up tomorrow around
09:00 I'll be in front of the library.  I'm the guy wearing a backpack with a
textbook





_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs


http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!


Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most
emerging threats: https://snort.org/downloads/#rule-downloads