[Bro] bro not alert nessus attack
fatema bannatwala
fatema.bannatwala at gmail.com
Thu May 24 12:52:00 PDT 2018
Hi Bz Oz,
It depends on what you are testing with nessus and how are you testing it.
Bro should be able to detect scanning, ssh-bruteforce, sql injection,
htp-bruteforce etc. by default.
Hence, if you are scanning the systems from your nessus machine, and if Bro
is able to sniff that traffic, then scanning get reported in notice.log
file.
It might not able to detect all the attacks that you launch from nessus,
unless you have custom scripts/plugins installed in Bro.
Fatema.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180524/312a7b90/attachment.html
More information about the Bro
mailing list