Security Basics mailing list archives
Re: Re: IDS-IPS Recommendations
From: "David Almada" <dalmada () sisp cv>
Date: Fri, 19 Oct 2007 14:37:40 -0100
You can use it as an IPS also.You need to use it with IPtables statefull firewal, or ebtables. You have to do some minor work configuring the system and the run snort with -Q flag ( Snort inline). It will drop malicious traffic as you wish.
You can configure it to be stealth, meaning invisible on the network. david----- Original Message ----- From: <rohnskii () gmail com>
To: <security-basics () securityfocus com> Sent: Friday, October 19, 2007 6:47 AM Subject: Re: Re: IDS-IPS Recommendations
Dave, I've know you can use Snort as an IDS, how do you use it as an IPS? Or did you mean IDS and was IPS a typo?
Current thread:
- IDS-IPS Recommendations Al Cooper (Oct 18)
- Re: IDS-IPS Recommendations jeffrey rivero (Oct 18)
- RE: IDS-IPS Recommendations Al Cooper (Oct 18)
- Re: IDS-IPS Recommendations jeffrey rivero (Oct 18)
- RE: IDS-IPS Recommendations Al Cooper (Oct 18)
- RE: IDS-IPS Recommendations Campa, Albert R. (Oct 18)
- Re: IDS-IPS Recommendations David Almada (Oct 18)
- <Possible follow-ups>
- Re: IDS-IPS Recommendations rohnskii (Oct 19)
- Re: Re: IDS-IPS Recommendations rohnskii (Oct 19)
- Re: Re: IDS-IPS Recommendations David Almada (Oct 19)
- Re: Re: IDS-IPS Recommendations Emanuel Marufo (Oct 22)
- Re: Re: IDS-IPS Recommendations David Almada (Oct 19)
- Re: IDS-IPS Recommendations jeffrey rivero (Oct 18)