[Snort-users] Help! I ran Nessus Vulnerability Scanner against my Public IP and No Alerts showed up on my Snort IDS box!

Teo En Ming teo.en.ming at ...11827...
Mon Apr 7 17:40:07 EDT 2014


But alerts are not showing up when I ran nessus against my home network.
Sigh.

Teo En Ming


On Tue, Apr 8, 2014 at 5:05 AM, James Lay <jlay at ...13475...> wrote:

> On 2014-04-07 15:04, Teo En Ming wrote:
>
>> Dear James,
>>
>> I have already added the following rule to icmp.rules some time ago:
>>
>> alert icmp any any -> any any (msg:"ICMP Packet", sid:477; rev:3;)
>>
>> The rule DID fire when I visited grc.com [7] to port scan my public IP
>> address.
>>
>> Use Gibson Research Corporations ShieldsUP! to port scan your public
>> IP address.
>>
>>  https://www.grc.com/x/ne.dll?bh0bkyd2 [8]
>>
>> Regards,
>>
>> Teo En Ming
>>
>
> Excellent...then your IDS is functional :)
>
> James
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140408/593c3f2f/attachment.html>


More information about the Snort-users mailing list