I have enabled signature for ping 2000 and 2004 and i have set them sev to high still i am not get alert.
I also did nmap attack and it give alert
how can i achieve this ?
Yes using IDM you can select multiple signatures and right-click -> Enable.
Signature 2000-0 triggers on ICMP Echo Replies and 2004-0 triggers on ICMP Echo Requests. Note that these are
extremely common network traffic. If you have enabled and unretired the sigs and if the sigs fire when tested using NMAP, they seem to be working fine. May be theres some other device on your network thats blocking such packets.
2000 and 2004 are retired by default now. You will need to make sure that you both enable and unretire these signatures before testing.