RE: problem with snort...

["Patrick Harper" <patrick () internetsecurityguru com>]

First, you should reply to the list not to the only to the person.  It gets
archived and if someone is trying to so what you are doing they can google
the answer.

Second, I have no idea on that.  Snort-inline can sort of do that from what
I know of the product, are you talking about redirecting to a honeypot or
something?  



Patrick S. Harper | CISSP RHCT MCSE
www.internetsecurityguru.com 

In a world of compromise, some don't.


-----Original Message-----
From: tommy garsia [mailto:tommy_garsia () yahoo com] 
Sent: Saturday, June 04, 2005 4:12 AM
To: Patrick Harper
Subject: RE: [Snort-users] problem with snort...

Hello,

It is not about the iptables...
I want to switch the connection...of course including
all packets..the switching because the packet trying
offend me..so, what should i do with my snort?
what should i do with the configuration so i can
switch the connection to the specific IP..

regards,

tommy

--- Patrick Harper <patrick () internetsecurityguru com>
wrote:

> Huh?  Sounds like NAT to me.  You may want to look
> at IP tables.  You might
> want to give us a little better idea what you really
> want to do. Send
> detailed descriptions, pictures, diagrams, cave
> drawings, something. 
>
> You did not mention why it would switch, is it just
> because there is a
> packet or did this packet offend you?  If every
> packet would be switched,
> what would trigger the switch.  Shoot, maybe a
> badminton racquet to swat the
> packets from one machine to the other will work
> (picturing that in my head
> it looks real funny) would work.  Please provide
> more details as to what you
> would like to do and if Snort can do it I am sure
> this list can help point
> you in the right direction.
>
>
>
> Patrick S. Harper | CISSP RHCT MCSE
> www.internetsecurityguru.com 
>
> In a world of compromise, some don't.



                
__________________________________ 
Discover Yahoo! 
Use Yahoo! to plan a weekend, have fun online and more. Check it out! 
http://discover.yahoo.com/




-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.  How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.  
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users