Snort mailing list archives
Re: Virtual Machines and Hypervisors
From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Tue, 29 Jan 2013 10:34:27 -0700
What you want is a Systems Management product. Enumerate applications installed on your assets, lock them down to a standard list, and either disallow anything else, or uninstall it. You may be able to use nmap to discover unauthorized devices, and/or vulnerability scanners to detect unauthorized operating systems/devices. Snort definitely isn't the right tool for this. From: Juan Camilo Valencia [mailto:juan.valencia () seguratec com co] Sent: Tuesday, January 29, 2013 4:59 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Virtual Machines and Hypervisors Hi Guys, I am trying to find a way to ban virtual machines and hypervisors in our network, I made a quicly research and I didn't found anything. Can somebody tell me if exist a way or a method to detect that, one of my ideas is when the VM is configured in NAT mode detect that kind of traffic, but the problem is when the VM is configured in bridge mode. Thanks for your advance, Regards -- JUAN CAMILO VALENCIA VARGAS Ingeniero de Operaciones SeguraTec S.A.S Calle 11 # 43B-50 of 307 MedelllĂn Colombia "Choose a job you love, and you will never have to work a day in your life"
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Virtual Machines and Hypervisors, (continued)
- Re: Virtual Machines and Hypervisors Joel Esler (Jan 29)
- Re: Virtual Machines and Hypervisors Juan Camilo Valencia (Jan 30)
- Re: Virtual Machines and Hypervisors Joel Esler (Jan 29)
- Re: Virtual Machines and Hypervisors Juan Camilo Valencia (Jan 29)
- Re: Virtual Machines and Hypervisors Ulric Eriksson (Jan 30)
- Re: Virtual Machines and Hypervisors Juan Camilo Valencia (Jan 30)
- Re: Virtual Machines and Hypervisors Joel Esler (Jan 29)
- Message not available
- Fwd: Re: Virtual Machines and Hypervisors Mikael Keri (Jan 29)
- Re: Virtual Machines and Hypervisors Joel Esler (Jan 29)
- Re: Virtual Machines and Hypervisors mikael keri (Jan 29)
- Re: Virtual Machines and Hypervisors Joel Esler (Jan 29)
- Re: Virtual Machines and Hypervisors Juan Camilo Valencia (Jan 30)
- Fwd: Re: Virtual Machines and Hypervisors Mikael Keri (Jan 29)