Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Help! I ran Nessus Vulnerability Scanner against my Public IP and No Alerts showed up on my Snort IDS box!

From: Bjoern Meier <bjoern.meier () gmail com>
Date: Mon, 7 Apr 2014 21:33:37 +0200
hi,


2014-04-07 21:19 GMT+02:00 Teo En Ming <teo.en.ming () gmail com>:


Question 3: The Nessus vulnerability scanner reported numerous
vulnerabilities. Why are there no alerts in my Snort IDS box at all?



ok, one example:

maybe one version of Apache2 has a security hole. Nessus grabs the banner
and sees that you have this version running.  It does not need to exploit
any of this.
Nessus is just information gathering, not exploiting. Why should Snort
alert this? It's not evil. Many programs are gathering information. Just
like your Browser (Which can show you also the banner on a indexed site).

Greetings,
Björn

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: