• try setting HOME_NET and EXTERNAL_NET to any
  • to run, just type service snortd restart as root
  • try activating and deactivating rules to vary output
  • text alerts go in /var/log/snort/alert
  • binary logging goes in /var/log/snort/snort.log.TIMESTAMP
  • For real fun...make your own rules
    • NEXT
    PREVIOUS
    Master Index