Snort mailing list archives

Re: Way to generate alerts?


From: Giles Coochey <giles () coochey net>
Date: Thu, 17 Jan 2013 16:48:31 +0000

On 10/01/2013 22:46, Matthew Van Gent wrote:

> administrator@cp-pci-1301:~$ curl testmyids.com
>
> uid=0(root) gid=0(root) groups=0(root)
>
> administrator@cp-pci-1301:~$
>
> I do not see any alerts in snortreport.


Which implies that the test has failed?

Another good test is to download a PCAP from one of these locations:
http://code.google.com/p/security-onion/wiki/Pcaps
and use tcpreplay to fire them into your wires.

--
Regards,

Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles () coochey net
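
The replay test suggested above, as an added example that is not part of the original message: it records how many lines the Snort alert file holds, replays a pcap with tcpreplay, and counts the alert headers logged afterwards. The alert file path, the interface name, the wait time and all function names are assumptions; a sensor that logs only to a database (as a snortreport setup may) needs the equivalent check against that database instead.

```shell
#!/bin/sh
# Added example: replay a pcap past a Snort sensor and report new alerts.
# Assumptions (not from the thread): Snort writes text alerts (fast or full
# format) to ALERT_FILE, and the sensor monitors the interface in IFACE.
ALERT_FILE="${ALERT_FILE:-/var/log/snort/alert}"
IFACE="${IFACE:-eth1}"

# Number of lines currently in alert file $1 (0 if it does not exist yet).
alert_lines() {
    if [ -f "$1" ]; then wc -l < "$1" | tr -d ' '; else echo 0; fi
}

# Print the lines appended to file $1 after line number $2.
new_alerts_since() {
    [ -f "$1" ] || return 0
    tail -n "+$(( $2 + 1 ))" "$1"
}

# Count alert headers of the form "[**] [gid:sid:rev]" in text read on stdin.
# Each alert carries exactly one such header in both fast and full formats.
count_alert_headers() {
    grep -c '\[\*\*] \[[0-9][0-9]*:[0-9][0-9]*:[0-9][0-9]*]' || true
}

# Replay pcap $1 on IFACE, give Snort time to flush its log, then report.
# Returns 0 if at least one new alert appeared, 1 if none, 2 if replay failed.
replay_and_check() {
    before=$(alert_lines "$ALERT_FILE")
    tcpreplay -i "$IFACE" "$1" || return 2
    sleep "${FLUSH_WAIT:-5}"
    found=$(new_alerts_since "$ALERT_FILE" "$before" | count_alert_headers)
    echo "new alerts after replaying $1: $found"
    [ "$found" -gt 0 ]
}

# Run the check only when a pcap path is given on the command line.
if [ $# -ge 1 ]; then
    replay_and_check "$1"
fi
```

A result of zero new alerts means the sensor did not see the replayed traffic or no enabled rule matched it, so check the monitored interface and the loaded rule set before concluding that alerting is broken.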
