Testing snort alerts



  • What sort of things would cause snort to throw an alert?

    I am trying to test its functionality so I need a few test cases that would prove that it works.

    Thank you



  • @tsolrm:

    What sort of things would cause snort to throw an alert?

    I am trying to test its functionality so I need a few test cases that would prove that it works.

    Thank you

    Enable the Emerging Threats scan rules category, then scan the firewall (on the interface where Snort is running) from a host running nmap.  That should generate some alerts for MySQL probes, VNC probes and a handful of others.

    Bill