Snort mailing list archives
Re: Testing Snort
From: Kiira Triea <kiira-t () mail bsasinc org>
Date: Sun, 22 Jul 2001 08:37:18 -0400 (EDT)
Hi,
One way to test Snort if your using it to watch a webserver is to use www.safeweb.com or www.anonymizer.com and surf to you server and put cmd.exe at the end of the url. This should trigger the cmd.exe exploit rule. www.yourwebserver.com/cmd.exeHello, I am new to snort and am wondering how other people test to see if snort is working on their system. I have seen security auditing systems available on the web for on demand system challenges...is that how you do it? Or enlist a friend with scanning software? -Jonathan
Another way to generate "attacks" of your own is to get the nemesis package from www.packetfactory.net and build frames that trigger alerts. You can put anything in the payload as well. It's convenient (and fun!) to create single tcp,udp or icmp frames and see how they trigger. Kiira _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Testing Snort sleen (Jul 20)
- Re: Testing Snort Andreas Östling (Jul 20)
- Re: Testing Snort Wynn Fenwick (Jul 20)
- Re: Testing Snort Craig Woods (Jul 20)
- <Possible follow-ups>
- Re: Testing Snort Dr SuSE (Jul 20)
- Re: Testing Snort Kiira Triea (Jul 22)
- RE: Testing Snort Joe Stevensen (Jul 20)
- Re: Testing Snort Ben Johansen (Jul 20)
- Re: Testing Snort Dr SuSE (Jul 20)
- Testing snort Travis Farmer (Sep 06)
- Re: Testing snort Dragos Ruiu (Sep 06)
- Re: Testing snort Nathan Carey (Sep 06)
- Re: Testing snort gary . smith (Sep 07)
- RE: Re: Testing snort ro0tw0rm (Sep 07)