Snort mailing list archives
RE: signature testing (win32)
From: "Hicks, John" <JHicks () JUSTICE GC CA>
Date: Wed, 11 Sep 2002 11:46:35 -0400
A number of tools can be used to unobtrusively test snort. Off the top of my head here are a few of my favories: Nmap O/S detection as well as various types of port scanning (www.nmap.org); Cerberus Internet Scannet - bannering/testing of various services (http://www.cerberus-infosec.co.uk/cis.shtml) Nikto - web server scanner based on RFP's libWhisker code (http://www.cirt.net/code/nikto.shtml) hth, John -----Original Message----- From: netsec novice [mailto:netsec9 () hotmail com] Sent: Tuesday, September 10, 2002 8:06 PM To: snort-users () lists sourceforge net Subject: [Snort-users] signature testing (win32) Have SNORT/ACID set up and would like to verify that I'm detecting traffic on required subnets. I have seen reference to a tool called 'sneeze' that will generate false alarms but I have not been able to find it. Is there another way I can verify my setup by creating alerts that won't be destructive? thanks _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx ------------------------------------------------------- In remembrance www.osdn.com/911/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- In remembrance www.osdn.com/911/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- signature testing (win32) netsec novice (Sep 10)
- Re: signature testing (win32) Matt Kettler (Sep 10)
- Re: signature testing (win32) Erek Adams (Sep 11)
- Re: signature testing (win32) Mark Villanova (Sep 15)
- Re: signature testing (win32) Robby Desmond (Sep 15)
- <Possible follow-ups>
- RE: signature testing (win32) Hicks, John (Sep 11)