Run Snort to listen to the traffic on the interface you specify. The more traffic the better. What alerts are raised by Snort? Do you think they are false positives? You may capture the traffic in a file and let Snort read the file off-line. Therefore, you have a chance to manually analyze the packets or connections that cause an alert later.
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here