Can I configure my Snort IDS/IPS to detect vulnerability scans from Nessus, openVAS, Metasploit and others?



  • Good afternoon from Singapore,

    Can I configure my Snort IDS/IPS to detect vulnerability scans from
    Nessus, openVAS, metasploit and other vulnerability scanners?

    Which preprocessor and snort rules do I have to turn on?

    I am looking forward to hearing from you.

    Thank you.

    Mr. Turritopsis Dohrnii Teo En Ming



  • Hi,

    You're asking if snort has rules available that can detect "Nessus, openVAS, Metasploit and others" ?
    What about asking them ? https://www.snort.org/documents at the bottom of the page.

    For the 'good' and recent rules, a subscription is needed.



  • I highly recommend a personal subscription to the Snort personal subscription as they're only US$30/year. However, I would also be wary of turning on too many rules at once as it can make a noticeable hit to your throughput speed as well as increased resource usage on your pfSense system.


Log in to reply