Snort mailing list archives
Snort alerts
From: Pildesapo2 via Snort-sigs <snort-sigs () lists snort org>
Date: Mon, 21 May 2018 09:40:32 -0400
Hello, Currently I am trying to setup Snort 2.9.11. The problem is that snort is not detecting any nmap scans nor metasploit attacks. Adding a simple ICMP rule works though. Both community and registered rulesets are added and loaded into Snort. Setup: Virtualbox environment (1 attack VM, 1 victim VM) with snort on the host machine, listening on vboxnet4 on which the victim VM receives nmap and metasploit attacks. Snort start command: $ sudo snort -c /etc/snort/snort.conf -l /var/log/snort/test5 -A full -i vboxnet4 -k none -de My question is: why aren't any alerts triggered on the nmap or metasploit attacks.
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Snort alerts Pildesapo2 via Snort-sigs (May 21)