Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Need Rules for blocking IP's

From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Fri, 26 Feb 2016 12:02:11 +0000
Hello,


Please refer to the snort manual for more detailed information and check out the README files included.

Section on active response.

http://manual.snort.org/node26.html





Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: ARUN LAL [mailto:arunlal7701 () gmail com]
Sent: Friday, February 26, 2016 6:23 AM
To: Snort-sigs () lists sourceforge net
Subject: [Snort-sigs] Need Rules for blocking IP's

Hi All,

I need some snort rules to block attacker IP. Let us know how to write a custom rule to block the attacker IP in 
firewall. Could you mention the file where we need to make the changes in order to block the attacker IP? If there is 
any rule for blocking IP then please provide us. It will be very helpful for us.
Thanks in advance
Arunlal

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: