-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On this note - would it be a good idea to create a database of snort fingerprints for each nessus plugin? Maybe developers could submit snort fingerprints for plugins as they are created?
By doing this we are still providing the "whitehat" community with a good scanner to proactively protect themselves and we are minimising the value of this tool to "blackhats" like script kiddies because it becomes easily detectible. Just an idea - I know that it would be a lot of work and may not be worth it. Marc - -----Original Message----- From: Boutwell, George [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 23 April 2002 5:30 AM To: [EMAIL PROTECTED] Subject: Snort detection of Nessus Attacks If you haven't already seen this article it's very interesting read... HackInTheBox has an article about using Snort to detect/analyze Nessus Security Scans on a machine, URL follows. http://www.hackinthebox.org/article.php?sid=6089 -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBPMSQPSdnO/MUFRaMEQI6tACZAXgQmCZUgGoptYacUj9vyloW8m8AoOux 5uVCS8+Lqbh4hJn24C8BSLWx =lUlw -----END PGP SIGNATURE-----
