Snort mailing list archives

snort signatures


From: praveen kundurthi <praveen_kundurthi () yahoo com>
Date: Sat, 31 Jul 2004 00:06:22 -0700 (PDT)

Hi,
We simulated the Snort signatures by creating TCP
packets, UDP packets, IP and ICMP. We were exactly
simulating the signature rules by using a traffic
generator which generates particular TCP or UDP or
IP or ICMP packets. Then we catch those packets
using Ethereal. Then we modify the packets
using a hex editor to exactly simulate a signature
rule.

Here is a problem for me. I created a directory
"packets" which has sub-directories like TCP, UDP, IP and
ICMP. I have the packets in the respective
directories. Our engine will read the packet as a
file and run, and we have to give the SID of the packet
on the command line, and our engine will generate an
alarm. How can I automate it?
I mean, if I give UDP as the command-line argument, the
engine should go through the directory and read all
the packets and generate alarms; same for TCP, IP and
ICMP. Can I get code for that?

Regards
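
One way to automate the per-protocol run asked about above, as an added example that is not part of the original post and not Snort code. Assumptions: the engine is invoked as `<engine> <packet-file> <sid>`, each packet file is named `<sid>.pkt` or `<sid>_<label>.pkt`, and the engine exits with status 0 when it raises the alarm; `run_protocol` and `sid_from_name` are hypothetical names.

```python
import subprocess
import sys
from pathlib import Path

PROTOCOLS = {"TCP", "UDP", "IP", "ICMP"}  # sub-directories named in the post


def sid_from_name(path):
    """Assumed naming scheme: '<sid>.pkt' or '<sid>_<label>.pkt'."""
    sid = path.stem.split("_", 1)[0]
    return sid if sid.isdigit() else None


def run_protocol(root, proto, engine_cmd, timeout=10):
    """Run the engine once per packet file under root/proto.

    Returns {sid: "alarm" | "no-alarm" | "error"}; a signature whose
    packet does not alarm is a detection gap worth investigating.
    """
    proto = proto.upper()
    if proto not in PROTOCOLS:          # also rejects '../' style arguments
        raise ValueError(f"unknown protocol: {proto}")
    results = {}
    for pkt in sorted((Path(root) / proto).iterdir()):
        sid = sid_from_name(pkt) if pkt.is_file() else None
        if sid is None:
            continue                    # skip files that carry no SID
        try:
            # Argument list, no shell: file names are never interpreted.
            rc = subprocess.run([*engine_cmd, str(pkt), sid],
                                timeout=timeout).returncode
        except (OSError, subprocess.TimeoutExpired):
            results[sid] = "error"
            continue
        # Assumed convention: exit status 0 means the alarm was raised.
        results[sid] = "alarm" if rc == 0 else "no-alarm"
    return results


if __name__ == "__main__":
    # Usage: python run_packets.py UDP ./engine   ('./engine' is a placeholder)
    outcome = run_protocol("packets", sys.argv[1], sys.argv[2:])
    for sid, status in outcome.items():
        print(sid, status)
    sys.exit(0 if all(s == "alarm" for s in outcome.values()) else 1)
```

The non-zero exit status when any SID fails to alarm lets the script serve as a regression check after rule or engine changes.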


                