Snort mailing list archives

Re: (no subject)

From: Alberto Gonzalez <albertg () wwjh net>
Date: Tue, 18 Mar 2003 03:39:58 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Tue, 18 Mar 2003, ryan stangl wrote:


Hello


{ yawn... } Morning.


     I am currently working on a side project at work, which includes learning all there is to know about snort and
snot.  I am curious if anyone has directions, or could explain in basic english how to use snort.  It seems to me that
while I am sure it is very easy, like you say, it is very convoluted with rules and computer jargon, which makes if
difficult for me to grasp the basics of snort.  If someone could just get me started maybe give me a few really common
simple rules that you use often and fill me in that would be great.  I have it loaded already and  understand what it 
is
and how it works, I just need help getting it started and functional, and then able to read the results.  Anyhelp on 
this
would be much appreciated, but please make it simple, as I have read numerous sites about it already and still don't
understand a lot.


Well, you have alot of reading to do if the basics of snort seem 
difficult. May i suggest heading here[1] and reading the "studying Normal 
Traffic" series Evaulating IDS signatures series and the others.. use this 
site to your advantage. Cheers!

Thanks

Ryan


 Cheers,
 Alberto Gonzalez

[1] - http://www.securityfocus.com/cgi-bin/sfonline/ids_topics.pl

PS: there are also a few books on IDS'es.. Cheers

- -- 
"Success comes to the person who does today, what you are thinking of doing tomorrow." 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+dttia3vAB/3yp/IRAssvAJ9C9FlqkUa1w9CiEsp3oFM+RODuCgCg0a5T
Cbf4ZrgtDRpfWkznBDLzMnE=
=POJt
-----END PGP SIGNATURE-----



-------------------------------------------------------
This SF.net email is sponsored by: Does your code think in ink?
You could win a Tablet PC. Get a free Tablet PC hat just for playing.
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

(no subject), (continued)
- (no subject) abhi naik (Feb 14)
  - Re: (no subject) Charles Darwin (Feb 16)
  - RE: (no subject) Michael Steele (Feb 16)
- (no subject) jcosta (Feb 27)
  - Re: (no subject) Erek Adams (Feb 27)
  - Re: (no subject) Erick Mechler (Feb 27)
- (no subject) Comcast (Mar 02)
  - Re: (no subject) Erek Adams (Mar 03)
- (no subject) Motif (Mar 07)
- (no subject) ryan stangl (Mar 17)
  - Re: (no subject) Alberto Gonzalez (Mar 18)
- (no subject) aalbert (Mar 25)
- (no subject) Ken Bell (Mar 27)
  - Adobe's Ducky Adam Shephard (Mar 27)