Snort mailing list archives
Syntax for alert_unixsock
From: Henrik Sandklef <henrik () sandklef com>
Date: Sat, 09 Jun 2001 01:29:05 +0200
HI ! As a response to portscans I use iptables to drop the ips (that made the portscan). So far I've been doing it every now and the, but I want do it right away when snort finds out about the portscan. I found the alert_unixsock would be useful, to communicate with a simple server/daemon reading from a specified socket and thereafter invoking iptables..... BUT I can't find a description for the syntax of alert_unixsock, does anybody where to find docs fot his? Is alert_unixsock obsoleted or still not implemented? Is there a better way to invoke a program from snort than using alert_unixsock? _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Syntax for alert_unixsock Henrik Sandklef (Jun 08)