On Tue, Apr 23, 2002 at 08:38:26AM +1000, Marc Bown wrote:
>
> On this note - would it be a good idea to create a database of snort
> fingerprints for each nessus plugin? Maybe developers could submit
> snort fingerprints for plugins as they are created?
>
> By doing this we are still providing the "whitehat" community with a
> good scanner to proactively protect themselves and we are minimising
> the value of this tool to "blackhats" like script kiddies because it
> becomes easily detectible.
>
> Just an idea - I know that it would be a lot of work and may not be
> worth it.
The snort guys have been sending me CVE updates recently (thanks Brian!)
so you can use CVE IDs to do Nessus-to-Snort mappings.
-- Renaud
