Snort mailing list archives
Re: Way to generate alerts?
From: Joel Esler <jesler () sourcefire com>
Date: Thu, 17 Jan 2013 12:02:00 -0500
Or you could just read the pcap with Snort's -r command. On Jan 17, 2013, at 11:48 AM, Giles Coochey <giles () coochey net> wrote:
On 10/01/2013 22:46, Matthew Van Gent wrote:administrator@cp-pci-1301:~$ curl testmyids.com uid=0(root) gid=0(root) groups=0(root) administrator@cp-pci-1301:~$ I do not see any alerts in snortreport.Which implies that the test has failed? Another good test is to download a PCAP from one of these locations: http://code.google.com/p/security-onion/wiki/Pcaps and using tcpreplay to fire them into your wires. -- Regards, Giles Coochey, CCNA, CCNAS NetSecSpec Ltd +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk giles () coochey net ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_122712_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_122712
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Heine Lysemose (Jan 10)
- Re: Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Giles Coochey (Jan 17)
- Re: Way to generate alerts? Joel Esler (Jan 17)
- Re: Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Heine Lysemose (Jan 10)