Snort mailing list archives

PCAP samples to test Snort rules (community and subscriber)


From: Pat <pkugrinas () gmail com>
Date: Wed, 3 Aug 2016 19:39:17 +0300

Hello,

We're working on an automated binary analysis platform which captures
traffic and runs Snort/Suricata on the resulting .pcap. With the recently
purchased rule subscription I was wondering if there are any recommended
ways to test some of the rules' functionality. Partly because I'm not
completely certain I've got all the configuration bits right... and it'd be
great to see them in action in general. I found some repositories
containing malicious traffic PCAP samples, notably the ones from various
CTFs and contagio. Is there anything else I can try to really make sure to
trigger them?

Thanks,
-p
------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org

