Snort mailing list archives
Snort + iptables
From: Bradley M Alexander <storm () tux org>
Date: Sat, 21 Jul 2001 21:31:40 -0400
Hi gang, Given a home user's situation (or at least this particular home user's situation), I have a single point to the outside world, a Linux firewall running 2.4.5. and iptables. I am currently on cablemodem (but when I move, its to dialup country). Its not really feasable for me, especially on a dialup, to place a Snort sensor on the outside of the firewall. I know that Alexander Newald has written Snort2IPTables, but I am less interested in an automated response than I am in capturing packets in my snort db. Is there a way to assimilate iptables logs into the Snort databese? I use gShield and a very restrictive ruleset, and I would like to also see the things that iptables/gShield is dropping. Is there a way to do this? N.B. Jim, beat ya to the punch. :) Thanks, -- --Brad ============================================================================ Bradley M. Alexander, CISSP | Co-Chairman, Beowulf System Admin/Security Specialist | NoVALUG/DCLUG Security SIG Debian/GNU Linux Developer | storm () debian org | storm () tux org ============================================================================ The enemy invariably attacks on two occasions: a. when you're ready for them. b. when you're not ready for them. --Murphy's Laws of Combat _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort + iptables Bradley M Alexander (Jul 21)
- Re: Snort + iptables Ian Jones (Jul 21)
- Re: Snort + iptables Andreas Hasenack (Jul 21)
- Re: Snort + iptables Ian Jones (Jul 21)
- Re: Snort + iptables Andreas Hasenack (Jul 21)
- <Possible follow-ups>
- Re: Snort + iptables SHAIFUL HASHIM (Jul 23)
- Re: Re: Snort + iptables Jason Haar (Jul 23)
- Re: Snort + iptables Ian Jones (Jul 21)