[Snort-users] My Snort IDS Sensor Detected Nessus Vulnerability Scan

Eric G eric at ...15503...
Fri Apr 18 15:33:55 EDT 2014


On Apr 18, 2014 3:25 PM, "Teo En Ming" <teo.en.ming at ...11827...> wrote:
>
> Hi,
>
> My Snort IDS sensor detected nessus vulnerability scan. The nessus
vulnerability scan was launched from WAN outside of HOME_NET. However, the
alerts generated were few. It seems that Snort rules are not comprehensive
enough.
>

Teo, once again, you don't have your HOME_NET defined as your external IP
but you keep insisting that Snort isn't working right. Your config is
broken, not Snort.

If you want Snort to light up like a Christmas tree when you scan your box,
tap your outside interface and define HOME_NET as your external IP address.

--
Eric
http:// www.linkedin.com/in/ericgearhart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140418/fdc7d7b6/attachment.html>


More information about the Snort-users mailing list