Snort mailing list archives
Re: how to test free Registered rules
From: Ivan Radev <ivan.radev () technoco re>
Date: Tue, 23 Mar 2021 08:22:01 +0200
Hello Lolita, This is not a straightforward question as the set of rules is constantly changing. You can give a try testing your IDS/IPS with a vulnerability assessment tool as OpenVAS, Qualys, or just craft rules for yourself and then craft packets that match. Basic example is to create a simple icmp rule with a content matcher, then ping with a pattern "ping -p" . The pattern uses only hexa. Cheers, Ivan <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Mon, Mar 22, 2021 at 3:18 PM Lolita M. via Snort-sigs < snort-sigs () lists snort org> wrote:
Hello. I’m Laurie. I’m new to snort. I configure yet my detector and i think all things is rigth ; I got the message "Snort successfuly validated the configuration ». Now i want to truly test an intrusion detection with my free Registered rules - Downloaded on the site-. Which tests can i make ? How make these tests ? May i get all details possible ? Thank you _______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
-- Ivan Radev TechnoCore
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- how to test free Registered rules lolitajk01--- via Snort-sigs (Mar 19)
- how to test free Registered rules Lolita M. via Snort-sigs (Mar 22)
- Re: how to test free Registered rules Ivan Radev (Mar 23)
- how to test free Registered rules Lolita M. via Snort-sigs (Mar 22)