Snort mailing list archives

RE: learning snort

From: Patrick Walsh <pwalsh () esoft com>
Date: Thu, 29 Sep 2005 09:12:39 -0600

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of James B
Horwath
Sent: Wednesday, September 28, 2005 3:46 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] learning snort

I am in the process of studying for the GCIA second exam which covers snort
setup and use.  I have been reading the mailing list, snort documentation
and playing with a small controlled snort setup. Although RTFM is great, I
learn better by actually doing hands on things.  I am using a packet
crafting tool like hping2 to watch and learn how snort works.  I have been
reading about tools like snot which use the snort configuration and build
packets based on the configuration.  This seems like an ideal way to learn


        I think you're thinking of sneeze.  It didn't work for me when I tried
it, but I didn't dig very deep into it.  It used to be in the contribs
section of the snort.org site, but I don't see it there anymore, so
perhaps it has been retired.  A google search for "snort sneeze" found
the perl script though.

-- 
Patrick Walsh
eSoft Incorporated
303.444.1600 x3350
http://www.esoft.com/

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

learning snort James B Horwath (Sep 28)
- Re: learning snort Joel Esler (Sep 28)
- RE: learning snort Andre' M. DiMino (Sep 28)
  - RE: learning snort Patrick Walsh (Sep 29)