Snort mailing list archives
Re: Snort vulnerability scan detection
From: Eric G <eric () nixwizard net>
Date: Mon, 14 Apr 2014 11:26:07 -0400
On Apr 14, 2014 11:19 AM, "Teo En Ming" <teo.en.ming () gmail com> wrote:
Hi, I ran both nessus and nmap scans. Snort is unable to detect these scans.
Teo I believe you really need to stop assuming Snort is the problem... it's very, very likely configuration issues or some issue with the way you're feeding data to Snort that is the problem. Are you only feeding data to Snort on the inside of your network? Is there a firewall blocking traffic on the outside, and that's why Snort doesn't see the traffic? If you are feeding outside traffic to Snort, do you have HOME_NET defined correctly, meaning do you have your outside IP addresses included in HOME_NET? -- Eric http://www.linkedin.com/in/ericgearhart
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort vulnerability scan detection Rameez Qureshi (Apr 14)
- Re: Snort vulnerability scan detection Nicholas Mavis (nmavis) (Apr 14)
- Re: Snort vulnerability scan detection Teo En Ming (Apr 14)
- Re: Snort vulnerability scan detection Rameez Qureshi (Apr 14)
- Re: Snort vulnerability scan detection Joel Esler (jesler) (Apr 14)
- Re: Snort vulnerability scan detection Teo En Ming (Apr 14)
- Re: Snort vulnerability scan detection Rameez Qureshi (Apr 14)
- Re: Snort vulnerability scan detection Eric G (Apr 14)
- Re: Snort vulnerability scan detection Teo En Ming (Apr 14)
- Re: Snort vulnerability scan detection waldo kitty (Apr 14)
- Re: Snort vulnerability scan detection Teo En Ming (Apr 14)
- Re: Snort vulnerability scan detection waldo kitty (Apr 14)
- Re: Snort vulnerability scan detection Leonardo Pezente (Apr 15)
- Re: Snort vulnerability scan detection Nicholas Mavis (nmavis) (Apr 14)