Snort mailing list archives

Snort IPS Functionality

From: "Dave Raven" <fx () badc0de net>
Date: Wed, 30 Mar 2005 14:23:49 +0200

Hello all,

            I'm interested in using snort on a FreeBSD machine as an IPS.
I've read the docs on the website and as far as I can see the only available
"IPS" functionality exists on Linux, using iptables. Does this actually just
drop the questionable packet - or is it generating firewall rules? And does
any of the IPS functionality work on FreeBSD at all? There was a project a
while ago called Hogwash, which would do exactly what I'm interested in -
but that seems long dead.

 

Thanks in advance

Dave

Current thread:

RE: Snort IPS Functionality Briggs, Bruce (Mar 30)
- Re: Snort IPS Functionality Will Metcalf (Mar 30)
- <Possible follow-ups>
- RE: Snort IPS Functionality Briggs, Bruce (Mar 31)
- Snort IPS Functionality Dave Raven (Mar 31)
  - Re: Snort IPS Functionality Will Metcalf (Mar 30)