Re: Test Snort with real attacks\packets

[Ian Masters <ian () acces co jp>]

Joel Esler wrote:
> Many of our rules are written to vulnerability, not exploit.  Nessus 
> mostly checks for presence of vulnerability (banner checking) or ability 
> to exploit.  Many times Nessus won't trigger Snort.
>
> Metasploit, being an actual exploitation method, will.

Sorry, yet again my mail didn't go to the list, only the OP.

I threw a default Nessus scan against a vanilla snort sensor yesterday
and it produced 148 alerts in a 10 minute interval.

I've not used Metasploit (yet).

Ian


------------------------------------------------------------------------------
Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users