Snort mailing list archives

Re: How dose suricata load snort dynamic rules (so_rules)?

From: 刘强 <liuqiang40 () 163 com>
Date: Sat, 19 Nov 2016 15:08:26 +0800 (CST)

Hi


The purpose is to show basic IDS ability.
1. ddos attack
2. SQL inject
3. Web attack
and so on.

Could you please kindly provide some precious advice?

Thanks so much.


At 2016-11-19 12:14:40, "Joel Esler (jesler)" <jesler () cisco com> wrote:

Which rules are you trying to trigger?

--
Sent from my iPhone

On Nov 18, 2016, at 10:12 PM, 刘强 <liuqiang40 () 163 com> wrote:


Hi,

We need show a demo to our customer the IDS ability of snort.


Where can I find some pcap samples to trigger the rules?

Thanks a lot.






在 2016-11-18 00:06:43，"Joel Esler (jesler)" <jesler () cisco com> 写道：
It doesn’t.  Suricata cannot load Snort’s Dynamic Ruleset.  




--
Joel Esler | Talos: Manager | jesler () cisco com











On Nov 16, 2016, at 9:58 PM, 刘强 <liuqiang40 () 163 com> wrote:


Hi,

How can I use the latest suricata to load the latest snort dynamic rules (so_rules)?

Thanks a lot.





超大附件列表‍
snortrules-snapshot-2983.tar[205.6MB]‍
进入下载页面



 

------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

http://www.snort.org

Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

------------------------------------------------------------------------------

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

http://www.snort.org

Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Current thread:

How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 17)
- Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 17)
  - Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
    - Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 18)
    - Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
    - Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 21)
    - Snort cann't check LOIC 刘强 (Nov 22)
    - Re: Snort cann't check LOIC lists (Nov 22)
    - Re: Snort cann't check LOIC lists (Nov 22)
    - Re: Snort cann't check LOIC Joel Esler (jesler) (Nov 22)