Snort mailing list archives
deploying ClamAV with Snort IDS
From: Alan Brennan <alanbrennan1 () gmail com>
Date: Mon, 1 Feb 2010 17:24:05 +0000
Hi guys, I wish to deploy Snort in IDS mode (sitting off a tap), but I also want to have detection of viruses, spyware, malware, etc. Apparently it is possible to integrate the Clam AntiVirus system with Snort. However, does Snort have to be deplpoyed in Inline (IPS) mode to avail of the ClamAV preprocessor? Can I install ClamAV when Snort is running in passive/IDS mode? Also, can ClamAV module be used not only to detect viruses or malicious code but also to drop/block these viruses? Thanking you inadvance. Alan
------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- deploying ClamAV with Snort IDS Alan Brennan (Feb 01)
- Re: deploying ClamAV with Snort IDS Will Metcalf (Feb 01)
- Re: deploying ClamAV with Snort IDS Randal T. Rioux (Feb 01)
- Re: deploying ClamAV with Snort IDS Jason Haar (Feb 01)
- Re: deploying ClamAV with Snort IDS Will Metcalf (Feb 01)
- Re: deploying ClamAV with Snort IDS Will Metcalf (Feb 01)