[Snort-users] Help! I ran Nessus Vulnerability Scanner against my Public IP and No Alerts showed up on my Snort IDS box!

Bjoern Meier bjoern.meier at ...11827...
Mon Apr 7 15:33:37 EDT 2014


2014-04-07 21:19 GMT+02:00 Teo En Ming <teo.en.ming at ...11827...>:
> Question 3: The Nessus vulnerability scanner reported numerous
> vulnerabilities. Why are there no alerts in my Snort IDS box at all?

ok, one example:

maybe one version of Apache2 has a security hole. Nessus grabs the banner
and sees that you have this version running.  It does not need to exploit
any of this.
Nessus is just information gathering, not exploiting. Why should Snort
alert this? It's not evil. Many programs are gathering information. Just
like your Browser (Which can show you also the banner on a indexed site).

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140407/c24e9dad/attachment.html>

More information about the Snort-users mailing list