Snort mailing list archives

Snort alerts

From: Pildesapo2 via Snort-sigs <snort-sigs () lists snort org>
Date: Mon, 21 May 2018 09:40:32 -0400

Hello,

Currently I am trying to setup Snort 2.9.11. The problem is that snort is not detecting any nmap scans nor metasploit 
attacks. Adding a simple ICMP rule works though. Both community and registered rulesets are added and loaded into Snort.

Setup:
Virtualbox environment (1 attack VM, 1 victim VM) with snort on the host machine, listening on vboxnet4 on which the 
victim VM receives nmap and metasploit attacks.

Snort start command:
$ sudo snort -c /etc/snort/snort.conf -l /var/log/snort/test5 -A full -i vboxnet4 -k none -de

My question is: why aren't any alerts triggered on the nmap or metasploit attacks.

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Current thread:

Snort alerts Pildesapo2 via Snort-sigs (May 21)