Snort mailing list archives
Re: Barnyard2 and Snortsam for 2.9.7.0
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 15 Dec 2014 13:06:59 +0000
Afaik, you don't need to add anything to Snort anymore. It's built into barnyard2 -- Joel Esler Sent from my iPhone On Dec 15, 2014, at 8:02 AM, Ian <snort_list () fishnet co uk<mailto:snort_list () fishnet co uk>> wrote: On 12/12/2014 16:28, Shirkdog wrote: Good ole' SnortSam. It was a great way to create custom actions and update your firewall config once a specific alert triggered. With DAQ and the ability to block in an IPS fashion, I am not sure if anyone is still using it. --- Michael Shirk Hi, We use snortsam extensively here. Its useful to send out blocks to other networks that have not yet seen attacks. We run it as a daemon though, not compiled into snort. Regards Ian -- On Fri, Dec 12, 2014 at 10:53 AM, Sec_Aficionado <secaficionado () gmail com<mailto:secaficionado () gmail com>> wrote: Hello there, I was looking through Barnyard2's barnyard2.conf file and noticed the section under # alert fw_sam: allow blocking of IP's through remote services However, I can't find a Snortsam version for snort later than 2.9.5.3 Does anyone here know if the project changed name or moved somewhere else for newer snort versions? As usual, thanks in advance! Sent from my mobile Any weird stuff in the message above is autocorrect's fault ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 and Snortsam for 2.9.7.0 Sec_Aficionado (Dec 12)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Shirkdog (Dec 12)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Ian (Dec 15)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Joel Esler (jesler) (Dec 15)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Sec_Aficionado (Dec 15)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Ian (Dec 15)
- Re: Barnyard2 and Snortsam for 2.9.7.0 Shirkdog (Dec 12)