RE: Snort ---- Not Blocking Connection

["Rich Stryker" <rstryker () virtuallearning net>]

Sorry, please disregard my last entry. I will just read and observe until I know more. :-) But once you know how to do 
this please let me know. I would be interested in setting something like this up on my network. Does it work on W2K?
 
Rich
 
 
-----Original Message-----
From: Rich Stryker 
Sent: Friday, January 03, 2003 9:03 AM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Snort ---- Not Blocking Connection
 
I don't think SNORT is capable of shutting down connections. It is just an observer to the network traffic. Aren't you 
looking for a Firewall solution that corresponds with an IDS in order to shutdown specific traffic as it occurs?
 
Rich
 
-----Original Message-----
From: Atul Shrivastava [mailto:atulsh () hclinsys com]
Sent: Thursday, January 02, 2003 11:34 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort ---- Not Blocking Connection
Importance: High
 
Hello All,
 
I have compiled snort with Flexresp and made rules such that if a rule is met then rest: rst_all ...... but snort is 
not blocking connection... It is detecting rule and generating alerts but can't block the connection. Can anyone solve 
my problem. I want to know how can I block certain connection detected by my snort sensor.
Thanks in advance.

Regards and have a nice day,
                           Atul Shrivastava
                           Info Structure Services
                           HCL INFOSYSTEMS LTD.
                           E - 4,5,6 Sector XI,
                           Noida - 201301
                           Tel: 91-120-2526910,2443013