Re: Testing Snort

[Martin Holste <mcholste () gmail com>]

I have a short how-to in a previous blog post of mine here:
http://ossectools.blogspot.com/2011/04/network-intrusion-detection-systems.html
under the section "Detecting Packet Drops."

On Sun, Mar 4, 2012 at 12:43 PM, Heine Lysemose <lysemose () gmail com> wrote:
> Hi
>
> Try adding this to your local.rules
>
> alert tcp any any <> any 80 (msg: "Test rule"; sid: 1000001;)
>
> And start browsing a webpage.
>
> Or try browsing to, http://testmyids.com
>
> /Lysemose
>
> On Mar 4, 2012 7:19 PM, "Amit B" <amn0p () me com> wrote:
> > I have a few sensors that are sending alerts and a few not alerting at
> > all. Is there a way of running certain tests to make sure Snort is running
> > properly. I am aware of command line switch option to check on configuration
> > but I want to tip off a few rules, so rules deliberately. Can you please
> > suggest.
> >
> > Thanks,
> > Ams
> >
> >
> >
> > ------------------------------------------------------------------------------
> > Virtualization & Cloud Management Using Capacity Planning
> > Cloud computing makes use of virtualization - but cloud computing
> > also focuses on allowing computing to be delivered as a service.
> > http://www.accelacomm.com/jaw/sfnl/114/51521223/
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> > Please visit http://blog.snort.org to stay current on all the latest Snort
> > news!
>
>
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!