Snort mailing list archives
RE: RE: [Snort-devel] IDS vs IPS
From: Tom Van Overbeke <tvanoverbeke () ccncsi net>
Date: Fri, 22 Aug 2003 15:36:12 +0200
What about: if snort sees a scan, send back a RST to the offending ip adress to terminate the connection ? I heard once that this was possible, any idea how ? tom. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Robert Wagner Sent: 21 August 2003 15:12 To: 'Vkmobile () aol com'; snort-devel () lists sourceforge net Cc: snort-users () lists sourceforge net Subject: [Snort-users] RE: [Snort-devel] IDS vs IPS What is your definition of an IPS, or what do you want it to do? Example: I want snort to run on the public side of my network, when it sees a scan or critical attack, it will notify my firewall (make, model) and add a blocking rule for the attacker. -----Original Message----- From: Vkmobile () aol com [mailto:Vkmobile () aol com] Sent: Wednesday, August 20, 2003 11:10 AM To: snort-devel () lists sourceforge net Cc: snort-users () lists sourceforge net Subject: [Snort-devel] IDS vs IPS So is Snort an IDS or an IPS (Intrusion Prevention) or both? Also, how can an IDS be converted to an IPS? Can someone point me in the right direction such as an FAQ or some website where i can read and learn? Thank you. **************************************************************************** Disclaimer: This electronic transmission and any files attached to it are strictly confidential and intended solely for the addressee. If you are not the intended addressee, you must not disclose, copy or take any action in reliance of this transmission. If you have received this transmission in error, please notify the sender by return and delete the transmission. Although the sender endeavors to maintain a computer virus free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Thank You. ****************************************************************************
Current thread:
- Re: Re: [Snort-devel] IDS vs IPS Mark Teicher (Aug 22)
- <Possible follow-ups>
- RE: [Snort-devel] IDS vs IPS Robert Wagner (Aug 22)
- RE: RE: [Snort-devel] IDS vs IPS Tom Van Overbeke (Aug 22)
- RE: Re: [Snort-devel] IDS vs IPS Bob Walder (Aug 22)
- RE: Re: [Snort-devel] IDS vs IPS Frank Knobbe (Aug 22)
- Re: Re: [Snort-devel] IDS vs IPS Jason (Aug 27)
- Re: Re: [Snort-devel] IDS vs IPS Stevo (Aug 27)
- Re: Re: [Snort-devel] IDS vs IPS Frank Knobbe (Aug 27)
- RE: Re: [Snort-devel] IDS vs IPS Gordon Cunningham (Aug 27)
- RE: Re: [Snort-devel] IDS vs IPS Frank Knobbe (Aug 27)
- RE: Re: [Snort-devel] IDS vs IPS twig les (Aug 27)
- RE: Re: [Snort-devel] IDS vs IPS Frank Knobbe (Aug 27)
- RE: Re: [Snort-devel] IDS vs IPS Mark Teicher (Aug 28)