Snort mailing list archives
snort & guardian & CISCO routers
From: Ralf Hildebrandt <Ralf.Hildebrandt () charite de>
Date: Tue, 22 Jan 2002 09:11:33 +0100
In order to alleviate the load on our snort/demarc IDS I'd like to use snort & guardian to block hosts portscanning us. Yes, I'm aware of the DoS opportunity here. Anyway: snort logs to a database, but also logs (at least portscans) to a plain text file which can be monitored by guardian. Are there any read-made scripts that create blocklists for CISCO routers? -- Ralf Hildebrandt (Im Auftrag des Referat V A) Ralf.Hildebrandt () charite de Charite Campus Virchow-Klinikum Tel. +49 (0)30-450 570-155 Referat V A - Kommunikationsnetze - Fax. +49 (0)30-450 570-916 Program /n./ 1. A magic spell cast over a computer allowing it to turn one's input into error messages. 2. An exercise in experimental epistemology. 3. A form of art, ostensibly intended for the instruction of computers, which is nevertheless almost inevitably a failure if other programmers can't understand it. - From the Jargon File. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort & guardian & CISCO routers Ralf Hildebrandt (Jan 22)