Snort mailing list archives
Re: From IDS to IPS
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 7 Apr 2014 20:54:04 +0000
On Apr 7, 2014, at 4:48 PM, James Lay <jlay () slave-tothe-box net<mailto:jlay () slave-tothe-box net>> wrote: On 2014-04-07 10:31, Teo En Ming wrote: Dear James, May I know what is nfq? After reading through your email, I still have no idea how to go about converting Snort from IDS to IPS. Could you write a more detailed manual, covering every single step along the way? Teo En Ming NFQ is the linux netfilter queue...basically you setup snort and netfilter to instead of detect, to block. I've sent Joel a writeup on it. Just posted: http://www.snort.org/docs -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team
------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- From IDS to IPS James Lay (Apr 07)
- Re: From IDS to IPS Teo En Ming (Apr 07)
- Re: From IDS to IPS James Lay (Apr 07)
- Re: From IDS to IPS Joel Esler (jesler) (Apr 07)
- Re: From IDS to IPS Teo En Ming (Apr 07)
- Re: From IDS to IPS Joel Esler (jesler) (Apr 07)
- Re: From IDS to IPS James Lay (Apr 07)
- Re: From IDS to IPS Teo En Ming (Apr 07)