Snort mailing list archives
Re: Rapid7 and Snort....Good Things from this I think
From: Chris Jacob <cjacob () sourcefire com>
Date: Mon, 11 Apr 2011 12:40:16 -0400
RNA and Active Scanners typically play different roles. An active scanner sees a new host, makes a note and starts interrogating it to build a list of vulns. RNA sees a new host and makes note that it's vulnerable to everything until it can prove otherwise. It continues to watch for more information, trimming the vulns as it gains understanding. Why? Because while false positives are annoying, false negatives are unacceptable. That being said, the information gained from both technologies can be extremely complementary. Customers wanted to leverage active scanners, asset management, and other tools to augment the real-time and contextual data provided by RNA. These requests resulted in additional APIs. We love APIs. :) ~chris On Mon, Apr 11, 2011 at 12:17 PM, Albert R. Campa <abcampa () gmail com> wrote:
i guess it would enhance RNA? There is only so much you can detect sniffing traffic passively. If you can import credentialed vuln information, your RNA recommended rules would be pretty tight. On Mon, Apr 11, 2011 at 11:07 AM, Michael Lubinski <michael.lubinski () gmail com> wrote:To trim off the fat, what will importing a NeXpose scan into the 3Dsystemaccomplish. I guess I'm just not familiar enough with the system ingeneralto make the connection here. If anyone could clue me in a bit, even off-list, that would be awesome. Thanks! On Mon, Apr 11, 2011 at 10:49 AM, Gibson, Nathan J. (HSC) <Nathan-Gibson () ouhsc edu> wrote:http://www.rapid7.com/news-events/press-releases/2011/2011-sourcefire.jspGIBBY _____________________________ Nathan J. Gibson, MsIA, CISSP, CISM,CCNA, MCSA IT Architect Infrastructure Services The University of Oklahoma HSC voice: 405.271.2644 x50340 fax: 405.271.2181 Feedback? Email comments to Chris Hodges -------------------------- CONFIDENTIALITY NOTICE: This e-mail communication and any attachmentsmaycontain confidential and privileged information for the use of the designated recipients named above. If you are not the intendedrecipient,you are hereby notified that you have received this communication inerrorand that any review, disclosure, dissemination, distribution or copyingofit or its contents is prohibited. If you have received thiscommunication inerror, please destroy all copies of this communication and anyattachments.------------------------------------------------------------------------------Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rapid7 and Snort....Good Things from this I think Gibson, Nathan J. (HSC) (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Michael Lubinski (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jefferson, Shawn (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Albert R. Campa (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Ray Caparros (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Martin Holste (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Chris Jacob (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jason Wallace (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Joel Esler (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jason Brvenik (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Joel Esler (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Alan Ptak (Apr 11)
- Problem with snort,oinkmaster, and feed Carney, Megan (Apr 12)
- Re: Rapid7 and Snort....Good Things from this I think Michael Lubinski (Apr 11)