Snort mailing list archives
Snort + ipchains
From: Guillaume <guillaume () anteria fr>
Date: Fri, 30 Nov 2001 16:47:40 +0100 (CET)
Hi. Does anybody use the -o option of ipchains to capture REJECTed or DENYied packets and send its to snort for log or analyse action ? How does it work ? (Please send a more detailed answer than just "fine" ! :-)) I would like to enhance my ipchains filter by adding to it this facility: all REJECT or DENY packets are logged "à la tcpdump" and post-analyzed by running snort. Thanks. Guillaume *********************************** Sent with HORDE/IMP (www.horde.org) _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort + ipchains Guillaume (Nov 30)
- Re: Snort + ipchains John Sage (Nov 30)
- RE: Snort + ipchains Martijn Heemels (Dec 01)
- Re: Snort + ipchains John Sage (Dec 01)
- RE: Snort + ipchains Martijn Heemels (Dec 01)
- Re: Snort + ipchains John Sage (Dec 01)
- RE: Snort + ipchains Erek Adams (Dec 01)
- Re: Snort + ipchains Ed Wiget (Dec 01)
- RE: Snort + ipchains Martijn Heemels (Dec 01)
- Re: Snort + ipchains John Sage (Nov 30)
- Re: Snort + ipchains John Sage (Dec 01)
- RE: Snort + ipchains John Berkers (Dec 01)