Testing snort alerts
-
What sort of things would cause snort to throw an alert?
I am trying to test its functionality so I need a few test cases that would prove that it works.
Thank you
-
Enable the Emerging Threats scan rules category, then scan the firewall (on the interface where Snort is running) from a host running nmap. That should generate some alerts for MySQL probes, VNC probes and a handful of others.
Bill
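
One way to confirm that the test described in the answer above produced the expected alerts, as an added example that is not part of the original thread. It assumes Snort is writing alerts in its "fast" one-line format; the function names and addresses are hypothetical, and the sample log lines are constructed, not real captures.

```python
import re
from collections import defaultdict

# Snort "fast" alert line: timestamp [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\].*?\{(?P<proto>\w+)\}\s+"
    r"(?P<src>[\d.]+)(?::\d+)?\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?"
)

# Constructed sample log (documentation addresses; 192.0.2.50 is the assumed nmap host).
SAMPLE_LOG = """\
08/14-10:21:33.100001  [**] [1:2010937:3] ET SCAN Suspicious inbound to mySQL port 3306 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.0.2.50:40001 -> 198.51.100.1:3306
08/14-10:21:33.200002  [**] [1:2002911:6] ET SCAN Potential VNC Scan 5900-5920 [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.50:40002 -> 198.51.100.1:5900
08/14-10:21:33.300003  [**] [1:2002911:6] ET SCAN Potential VNC Scan 5900-5920 [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.50:40003 -> 198.51.100.1:5901
08/14-10:22:01.400004  [**] [1:1000001:1] LOCAL constructed test rule [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.77 -> 198.51.100.1
snort: this line is not an alert and must be skipped
"""

def parse_alerts(text):
    """Yield one dict per well-formed alert line; skip anything else."""
    for line in text.splitlines():
        m = ALERT_RE.match(line.strip())
        if m:
            yield m.groupdict()

def scan_alerts_from(text, scanner_ip, prefix="ET SCAN"):
    """Map alert message -> set of destination ports, limited to alerts in
    the given rule category whose source is the test scanner."""
    hits = defaultdict(set)
    for a in parse_alerts(text):
        if a["src"] == scanner_ip and a["msg"].startswith(prefix):
            hits[a["msg"]].add(a["dport"])
    return dict(hits)

def scan_test_passed(text, scanner_ip, expected_keywords=("mySQL", "VNC")):
    """True if every expected probe type appears among the scanner's alerts."""
    msgs = " ".join(scan_alerts_from(text, scanner_ip)).lower()
    return all(k.lower() in msgs for k in expected_keywords)

if __name__ == "__main__":
    print(scan_alerts_from(SAMPLE_LOG, "192.0.2.50"))
```

Filtering on the scanner's source address keeps unrelated background alerts from making the test look like a pass.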