Snort mailing list archives
Re: Rules test utility
From: erlacher--- via Snort-sigs <snort-sigs () lists snort org>
Date: Wed, 11 Jul 2018 14:01:11 +0200
I generated a network trace containing thousands of attack patterns, available here www.ccs-labs.org/~erlacher/resources/genesids/genesidsAttackTrace.pcapng Might be an overkill in your case but will definitely do the job, with an up-to-date rule set you will get MANY alerts. Labels and more info on how this trace is created can be found here: www.ccs-labs.org/~erlacher/resources/, look for the GENESIDS entry. regards felix On 10/07/18 19:50, Al Lewis (allewi) via Snort-sigs wrote:
Any security scanner will do. ☺ *Albert Lewis* ENGINEER.SOFTWARE ENGINEERING Cisco Systems Inc. Email: allewi () cisco com <mailto:allewi () cisco com> *From: *Snort-sigs <snort-sigs-bounces () lists snort org> on behalf of PERRON André <aperron () alouette qc ca> *Date: *Tuesday, July 10, 2018 at 1:41 PM *To: *"'snort-sigs () lists snort org'" <snort-sigs () lists snort org> *Subject: *[Snort-sigs] Rules test utility Hello, I have installed and configured Snort (in alert mode) on my pfSense HA system. Now I would like to verify that Snort is working properly. Is there a utility that I could use that simulates attacks that would be trapped by Snort and prove my setup is working ? Thank you, *André Perron* Administrateur de réseau Aluminerie Alouette Inc. 400 Chemin de la Pointe Noire Sept-Iles, Québec Canada G4R 5M9 (418) 964-7000 ext. 7232 _______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
-- Felix Erlacher ccs-labs.org/~erlacher Key-ID:4EAC0959
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Rules test utility PERRON André (Jul 10)
- <Possible follow-ups>
- Re: Rules test utility Al Lewis (allewi) via Snort-sigs (Jul 10)
- Re: Rules test utility erlacher--- via Snort-sigs (Jul 11)