Snort mailing list archives
Re: Is IPTables blocking Snort detection?
From: Dirk Geschke <Dirk_Geschke () genua de>
Date: Mon, 19 Jan 2004 17:22:09 +0100
Hi Stephen,
If I've got everything firewalled on my Linux-Snort box using IPTables except for SSH, will that limit what Snort (and the promiscuous mode NIC) is able to see & detect? Just curious... Thanks!
snort will detect traffic before iptables will block them. But however nearly every rule contains the keyword "established" so you won't see any attacks triggered by these rules. Best regards Dirk ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Is IPTables blocking Snort detection? Stephen W. Corey - 5535 (Jan 19)
- Re: Is IPTables blocking Snort detection? Dirk Geschke (Jan 19)
- Message not available
- Re: Is IPTables blocking Snort detection? Matt Kettler (Jan 19)