[Snort-sigs] Snort alerts
pildesapo2 at protonmail.com
Mon May 21 09:40:32 EDT 2018
Currently I am trying to setup Snort 2.9.11. The problem is that snort is not detecting any nmap scans nor metasploit attacks. Adding a simple ICMP rule works though. Both community and registered rulesets are added and loaded into Snort.
Virtualbox environment (1 attack VM, 1 victim VM) with snort on the host machine, listening on vboxnet4 on which the victim VM receives nmap and metasploit attacks.
Snort start command:
$ sudo snort -c /etc/snort/snort.conf -l /var/log/snort/test5 -A full -i vboxnet4 -k none -de
My question is: why aren't any alerts triggered on the nmap or metasploit attacks.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs