Snort mailing list archives

RE: Snort IPS Functionality

From: "Briggs, Bruce" <Bruce.Briggs () suny edu>
Date: Wed, 30 Mar 2005 09:05:35 -0500

See this:
http://snort-inline.sourceforge.net/
 
Bruce

  _____  

From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Dave Raven
Sent: Wednesday, March 30, 2005 7:24 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort IPS Functionality



Hello all,

            I'm interested in using snort on a FreeBSD machine as an
IPS. I've read the docs on the website and as far as I can see the only
available "IPS" functionality exists on Linux, using iptables. Does this
actually just drop the questionable packet - or is it generating
firewall rules? And does any of the IPS functionality work on FreeBSD at
all? There was a project a while ago called Hogwash, which would do
exactly what I'm interested in - but that seems long dead...

 

Thanks in advance

Dave

Current thread:

RE: Snort IPS Functionality Briggs, Bruce (Mar 30)
- Re: Snort IPS Functionality Will Metcalf (Mar 30)
- <Possible follow-ups>
- RE: Snort IPS Functionality Briggs, Bruce (Mar 31)
- Snort IPS Functionality Dave Raven (Mar 31)
  - Re: Snort IPS Functionality Will Metcalf (Mar 30)