Snort mailing list archives

way for test snort ?

From: payothlh <payothlh () club-internet fr>
Date: Thu, 22 May 2003 23:40:03 +0200

Hi gang,

I have installed Snort-Acid-Mysql-etc ....etc..... on Solaris9

All is OK and I am very happy with.

But now, I must test it quickly.
What is the best way for that ?
How do you test  effectively each rules in a quick way ?

I had a look on the prog snot but I haven't very confidence for adopt itquickly without have a look on the source code quickly.

As second query, how do you phohibit the usage of prog as snot by aninternal user ?

He can generate several thousands alert just for fun.
Of course, as it's an internal user, it's possible to go see it directly.

But, is there an protection for this if the type of Denial Of Servicewas made by an external user ( or an external user spoofing an internaluser ) ?


Thanks in advance for your answers and councils.

Guillaume



-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

way for test snort ? payothlh (May 22)
- RE: way for test snort ? Matt Nelson (May 22)
- Re: way for test snort ? Nicholas Bachmann (May 22)
  - RE: way for test snort ? Brian Laing (May 27)
- Re: way for test snort ? David Alonso De La Vega Tapage (May 23)
- <Possible follow-ups>
- RE: way for test snort ? Johan Sunnerstig (May 23)
  - Re: way for test snort ? payothlh (May 23)