Snort mailing list archives

Re: From IDS to IPS

From: Teo En Ming <teo.en.ming () gmail com>
Date: Tue, 8 Apr 2014 05:37:53 +0800

Dear Joel,

Have you posted the manuals which I have written?

Regards,

Teo En Ming


On Tue, Apr 8, 2014 at 4:54 AM, Joel Esler (jesler) <jesler () cisco com>wrote:

 On Apr 7, 2014, at 4:48 PM, James Lay <jlay () slave-tothe-box net> wrote:

On 2014-04-07 10:31, Teo En Ming wrote:

Dear James,

May I know what is nfq?

After reading through your email, I still have no idea how to go
about
converting Snort from IDS to IPS.

Could you write a more detailed manual, covering every single step
along the way?

Teo En Ming


NFQ is the linux netfilter queue...basically you setup snort and
netfilter to instead of detect, to block.  I've sent Joel a writeup on
it.



 Just posted:

 http://www.snort.org/docs

 --
*Joel Esler*
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team



------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

From IDS to IPS James Lay (Apr 07)
- Re: From IDS to IPS Teo En Ming (Apr 07)
  - Re: From IDS to IPS James Lay (Apr 07)
    - Re: From IDS to IPS Joel Esler (jesler) (Apr 07)
    - Re: From IDS to IPS Teo En Ming (Apr 07)
    - Re: From IDS to IPS Joel Esler (jesler) (Apr 07)