[Snort-users] Snort vulnerability scan detection

Teo En Ming teo.en.ming at ...11827...
Mon Apr 14 11:29:02 EDT 2014


Dear Nicholas Mavis,

I ran both nmap and nessus scans from my internal network against my
*public* IP. Snort did not alert me. Any ideas why? I have the following
ruleset installed.

snortrules-snapshot-2960.tar.gz <http://www.snort.org/downloads/2855>

Thank you very much.

Teo En Ming


On Mon, Apr 14, 2014 at 11:17 PM, Nicholas Mavis (nmavis)
<nmavis at ...589...>wrote:

> Rameez,
>
> You likely should have alerted, it depends on what Nessus/Nexpose was
> testing and your rule set. We would need more information if you are
> curious why you did not alert, i.e., a CVE or pcap.
>
> Nick
>
> On 4/14/14, 11:04 AM, "Rameez Qureshi" <rameez_q at ...16117...> wrote:
>
> >Hello
> >
> >Can anyone tell me if snort has the ability to pick up a Nexpose or
> >Nessus vulnerability scan
> >
> >Thanks
> >Rameez
> >
> >Sent from my iPhone
> >--------------------------------------------------------------------------
> >----
> >Learn Graph Databases - Download FREE O'Reilly Book
> >"Graph Databases" is the definitive new guide to graph databases and their
> >applications. Written by three acclaimed leaders in the field,
> >this first edition is now available. Download your free book today!
> >http://p.sf.net/sfu/NeoTech
> >_______________________________________________
> >Snort-users mailing list
> >Snort-users at lists.sourceforge.net
> >Go to this URL to change user options or unsubscribe:
> >https://lists.sourceforge.net/lists/listinfo/snort-users
> >Snort-users list archive:
> >http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> >
> >Please visit http://blog.snort.org to stay current on all the latest
> >Snort news!
>
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/NeoTech
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140414/8bbb54d2/attachment.html>


More information about the Snort-users mailing list