Snort mailing list archives
Snort-inline vs. SnortSam
From: Adam Kennedy <akennedy () niesc k12 in us>
Date: Thu, 10 Mar 2005 09:03:23 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings all. I'm trying to figure out which of these would best fit my situation. I'm going to be using oinkmaster to download the VRT rules. I'm also going to be using iptables on a Slackware 10.1 server What I'm trying to do is figure out what method is easiest/best for automatically blocking traffic snort picks up. I've used snortsam before, but re-writing all the rules gets annoying. I've heard that oinkmaster can do this for you based on the sid, but I don't want to have to maintain a list of sid's (as that will get cumbersome as well). Any ideas? Thanks! - -- Northern Indiana ESC Adam Kennedy - akennedy () niesc k12 in us Linux Specialist / Network Administrator Phone: (574) 254-0111 x113 Toll Free: 800-326-5642 Fax: (574) 254-0148 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCMFOrV72KWYU3lA0RAr/OAJ9qU6gk6I0mTsauEcNeBwRHEbTTPwCgj9Wa zfFVFBnm/jfl7MF5OfA1CFI= =pYz0 -----END PGP SIGNATURE----- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort-inline vs. SnortSam Adam Kennedy (Mar 10)
- Re: Snort-inline vs. SnortSam Will Metcalf (Mar 10)
- Re: Snort-inline vs. SnortSam Frank Knobbe (Mar 11)