[Snort-users] What am I missing?
Edward.M.Greshko at ...1974...
Sat May 5 19:48:35 EDT 2001
Here is my setup....
3 machines on the same subnet.
a. runs snort
b. runs nessus (10.220.17.96)
c. intended victim
var HOME_NET [10.220.17.0/24,!10.220.17.96/32]
var EXTERNAL_NET !$HOME_NET
Then a full nessus run was performed.
However, the only things logged were....
spp_portscan: portscan status
spp_http_decode: CGI Null Byte attack detected
I must be missing something....
Edward M. Greshko Technical Manager
Syntegra Asia Region
More information about the Snort-users