Snort mailing list archives
Testing Snort functionality, or, how do I know if Snort really works?
From: Ricky Huang <rhuang.work () gmail com>
Date: Wed, 6 Mar 2013 10:11:12 -0800
Hello all, Following the abundant info/instructions on snort.org, I have set up Snort on my server with basic configurations, loaded the latest (registered user) Sourcefire-VRT rules, and it is currently running according to the "status" argument. Now for the very n00b question, how do I know Snort actually works? I meant is there a test intrusion suite that will run again a snort-protected server for validation? How does one test to see if a rule established by Sourcefire is in fact, in effect? It would not make sense for me to sit around waiting for attacks, right? I apologize if this seem like a noob question, but it is my first experience setting up IDS/IPS. Thanks in advance.
------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Testing Snort functionality, or, how do I know if Snort really works? Ricky Huang (Mar 06)