Snort mailing list archives
Re: Rules question
From: neil ramsarran <neilramsarran () hotmail com>
Date: Sun, 4 Dec 2016 23:47:19 +0000
is anyone figured out how to run win practice file on snort as I' m having difficulty with windows 10 and is looking for some guidance on this assignment. Thanks Neil ________________________________ From: lists () packetmail net <lists () packetmail net> Sent: Thursday, December 1, 2016 9:06 PM To: snort-sigs () lists sourceforge net Subject: Re: [Snort-sigs] Rules question On 12/01/16 20:03, lists () packetmail net wrote:
On 12/01/16 19:43, neil ramsarran wrote:I'm having the same problem , I cannot seem to get the assignment done with running winpractice txt file on the snort. any help will be highly appreciatedI'm dealing with this as well, if you look on page #203 there is a diagram that shows how to correctly implement it. So in paragraph 3, sentence 5, on page #215 it demonstrates this a bit BUT I would assert the problem is running into RFC 1918. If you look down, Diagram #6, they've scoped HOME_NET and EXTERNAL_NET on the same /16 and defined it as that. *clears throat while drawing on the chalkboard* as we all know *puts monocle on* 192.168.1.5 and 192.168.10.2 sit on that same broadcast domain so it's probably not crossing a Layer 3 boundary and capturing on the local interface doesn't show IDS traversal. This seems to be a book editing issue.
Sorry for the back to back post, if you guys want to meet up tomorrow around 09:00 I'll be in front of the library. I'm the guy wearing a backpack with a textbook ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot Slashdot: News for nerds, stuff that matters<http://sdm.link/slashdot> sdm.link Slashdot: News for nerds, stuff that matters. Timely news source for technology related news with a heavy slant towards Linux and Open Source issues. _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs Snort-sigs Info Page - SourceForge<https://lists.sourceforge.net/lists/listinfo/snort-sigs> lists.sourceforge.net Snort-sigs -- This is the place to talk about Snort rules/signatures About Snort-sigs http://www.snort.org Snort - Network Intrusion Detection & Prevention System <http://www.snort.org/> www.snort.org Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats. Please visit http://blog.snort.org for the latest news about Snort! Snort Blog<http://blog.snort.org/> blog.snort.org Recently on Snort's Twitter account, we posted a picture of an infographic that one of our talented graphic artists Wendy created, and the response was fantastic. Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort! Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Rules question Atanas Hambardzhiev (Dec 01)
- Re: Rules question Alex McDonnell (Dec 01)
- Re: Rules question neil ramsarran (Dec 01)
- Re: Rules question neil ramsarran (Dec 01)
- Re: Rules question Chris Pyles (Dec 01)
- Re: Rules question lists (Dec 01)
- Re: Rules question lists (Dec 01)
- Re: Rules question neil ramsarran (Dec 04)
- Re: Rules question Joel Esler (jesler) (Dec 04)
- Re: Rules question neil ramsarran (Dec 01)
- Re: Rules question Wei Chea Ang (Dec 02)
- Re: Rules question neil ramsarran (Dec 01)
- Re: Rules question lists (Dec 01)