Can I configure my Snort IDS/IPS to detect vulnerability scans from Nessus, openVAS, Metasploit and others?
Good afternoon from Singapore,
Can I configure my Snort IDS/IPS to detect vulnerability scans from
Nessus, openVAS, metasploit and other vulnerability scanners?
Which preprocessor and snort rules do I have to turn on?
I am looking forward to hearing from you.
Mr. Turritopsis Dohrnii Teo En Ming
Gertjan last edited by
You're asking if snort has rules available that can detect "Nessus, openVAS, Metasploit and others" ?
What about asking them ? https://www.snort.org/documents at the bottom of the page.
For the 'good' and recent rules, a subscription is needed.
I highly recommend a personal subscription to the Snort personal subscription as they're only US$30/year. However, I would also be wary of turning on too many rules at once as it can make a noticeable hit to your throughput speed as well as increased resource usage on your pfSense system.