Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: sample files

From: Nick Moore <nmoore () sourcefire com>
Date: Thu, 12 Jan 2012 06:14:08 -0600
Negin,

One of the easiest ways to get some alerts is to play back a pcap file
through your Snort implementation. Since you said you don't have one
installed, you can easily install one using one of the setup guides or by
using one of the binaries already compiled on the snort web site.

Some sources of pcap files can be found here:
http://sourceforge.net/apps/mediawiki/networkminer/index.php?title=Publicly_available_PCAP_files

Happy Snorting!

Nick

On Thu, Jan 12, 2012 at 5:17 AM, Negin Nickparsa <nickparsa () gmail com>wrote:


hello
I know I can set snort to output me in my sql format
I don't have snort installed right now but I need sample data from snort
alerts in full mode is there any site like a repository to download them
from? I want them in mysql format. or if not can you introduce me txt files?
Thanks in advance


------------------------------------------------------------------------------
RSA(R) Conference 2012
Mar 27 - Feb 2
Save $400 by Jan. 27
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!





-- 
Nick Moore, SFCE, CISSP, CISA
Sr. Systems Engineer
Voice 708-336-9041
Email nick.moore () sourcefire com
IM    nickgmoore (Yahoo)
       nickgmoore38 (AIM)

    ,,_
   o"  )~   Sourcefire - The Creators of Snort
    ''''

www.sourcefire.com         www.snort.org     www.immunet.com

------------------------------------------------------------------------------
RSA(R) Conference 2012
Mar 27 - Feb 2
Save $400 by Jan. 27
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: