Re: Snort queries

[Ulises Mora Alvarez <uma () geociencias unam mx>]

https://docs.netgate.com/pfsense/en/latest/ids-ips/setup-snort-package.html#managing-blocked-hosts

El vie., 19 de jul. de 2019 a la(s) 11:55, Justin Xavier (
Justin.Xavier () cybertech com) escribió:

> Hi All,
>
>
>
> We are using Netgate Pfsense firewall in our premises with Snort service
> installed. We had some queries regarding the service and need your
> assistance in understanding SNORT.
>
>
>
> 1.      We observed SNORT logs and found many log entries for snort
> events. Is it that SNORT is blocking/dropping all these packets?
>
> 2.      When does SNORT decide to block traffic from a particular IP?
> This is regarding the Blocked hosts.
>
> 3.      How can we determine the blocked hosts from snort logs, as we
> couldn’t find a specific log entry that stated the ip was blocked and added
> to Blocked hosts.
>
>
>
> Regards,
>
> Justin X.
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists snort org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
>         To unsubscribe, send an email to:
>         snort-users-leave () lists snort org
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette


-- 
Ulises M. Alvarez
https://sophie.unam.mx/

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette