deploying ClamAV with Snort IDS

[Alan Brennan <alanbrennan1 () gmail com>]

Hi guys,

I wish to deploy Snort in IDS mode (sitting off a tap), but I also want to
have detection of viruses, spyware, malware, etc.

Apparently it is possible to integrate the Clam AntiVirus system with Snort.

However, does Snort have to be deplpoyed in Inline (IPS) mode to avail of
the ClamAV preprocessor? Can I install ClamAV when Snort is running in
passive/IDS mode?

Also, can ClamAV module be used not only to detect viruses or malicious code
but also to drop/block these viruses?

Thanking you inadvance.

Alan

------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users