Snort mailing list archives
Re: Test Snort with real attacks\packets
From: Ian Masters <ian () acces co jp>
Date: Tue, 10 Feb 2009 10:16:11 +0900
Joel Esler wrote:
Many of our rules are written to vulnerability, not exploit. Nessus mostly checks for presence of vulnerability (banner checking) or ability to exploit. Many times Nessus won't trigger Snort. Metasploit, being an actual exploitation method, will.
Sorry, yet again my mail didn't go to the list, only the OP. I threw a default Nessus scan against a vanilla snort sensor yesterday and it produced 148 alerts in a 10 minute interval. I've not used Metasploit (yet). Ian ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Test Snort with real attacks\packets Itay Dagan (Feb 08)
- Test Snort with real attacks\packets Itay Dagan (Feb 08)
- Re: Test Snort with real attacks\packets Richard Bejtlich (Feb 08)
- Message not available
- Re: Test Snort with real attacks\packets Ryan Jordan (Feb 09)
- Re: Test Snort with real attacks\packets Joel Esler (Feb 09)
- Message not available
- Message not available
- Re: Test Snort with real attacks\packets Ian Masters (Feb 09)
- Message not available
- Re: Test Snort with real attacks\packets Richard Bejtlich (Feb 12)