[Snort-users] Test Snort with real attacks\packets
ian at ...12163...
Mon Feb 9 20:16:11 EST 2009
Joel Esler wrote:
> Many of our rules are written to vulnerability, not exploit. Nessus
> mostly checks for presence of vulnerability (banner checking) or ability
> to exploit. Many times Nessus won't trigger Snort.
> Metasploit, being an actual exploitation method, will.
Sorry, yet again my mail didn't go to the list, only the OP.
I threw a default Nessus scan against a vanilla snort sensor yesterday
and it produced 148 alerts in a 10 minute interval.
I've not used Metasploit (yet).
More information about the Snort-users