cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

641
Views
0
Helpful
0
Replies
Antonio Macia
Participant

NMAP scan vulnerabilities

Hi,

 

In the "Advanced" tab under the "Network Discover" policy  settings, if we set the "keep active identity" results and then we run a NMAP scan on a host, then all the OS related vulnerabilities disappear and are replaced by the results of the ports opened/filtered from the NMAP scan, losing the previous visibility. How will the SNORT engine enforce the necessary IPS rules if the that vulnerability information is not present? What is the benefit then of running a NMAP scan?

 

Regards

0 REPLIES 0
Content for Community-Ad