Snort mailing list archives
Re: using Snort to audit the firewall
From: Luis Daniel Lucio Quiroz <luis.daniel.lucio () gmail com>
Date: Mon, 14 Jun 2010 16:43:04 -0500
I guess you may do something like this -A FORWARD... rules -j DROP -A FORWARD... rules -j QUEUE your snort shouldnt get any drop rules, Le lundi 14 juin 2010 16:36:43, Cristian Grigoriu a écrit :
Hi guys, I have deployed a firewall using iptables. I would like to employ Snort to audit the firewall by logging any packet which was not suppossed to get through firewall but somehow has escaped. 4 days ago I have posted this question to Snort Newbie forum: https://forums.snort.org/forums/snort-newbies/topics/using-snort-to-audit-m y-own-firewalls How can I achieve this? Is this even possible? Thank you, Cristian Grigoriu --------------------------------------------------------------------------- --- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- using Snort to audit the firewall Cristian Grigoriu (Jun 14)
- Re: using Snort to audit the firewall Luis Daniel Lucio Quiroz (Jun 14)