Snort mailing list archives
Re: snort 2.9.0.3 flexresp3 and active-response
From: Russ Combs <rcombs () sourcefire com>
Date: Wed, 2 Feb 2011 12:52:10 -0500
On Tue, Feb 1, 2011 at 10:33 AM, Michael Scheidell < michael.scheidell () secnap com> wrote:
I noticed that starting with snort 2.9.* there are seemly two configure flags that affect flexresp. a) --enable-flexresp3 (similar to 2.8.6.1 flexrep and flexrep2) but there is a new one: b) --enable-active-response Q for ports/rpm maintainers: if user enabled flexresp3 during compile time, should we also enable active-response? is there any reason to enable one without the other? it appears to me that you would want both or none.
That makes sense to me. And neither will generate responses without additional configuration so no harm done.
-- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300*| *SECNAP Network Security Corporation- Certified SNORT Integrator - 2008-9 Hot Company Award Winner, World Executive Alliance - Five-Star Partner Program 2009, VARBusiness - Best in Email Security,2010: Network Products Guide - King of Spam Filters, SC Magazine 2008 ------------------------------ This email has been scanned and certified safe by SpammerTrap®. For Information please see http://www.secnap.com/products/spammertrap/ ------------------------------ ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort 2.9.0.3 flexresp3 and active-response Michael Scheidell (Feb 01)
- Re: snort 2.9.0.3 flexresp3 and active-response Russ Combs (Feb 02)
- Re: snort 2.9.0.3 flexresp3 and active-response Michael Scheidell (Feb 02)
- Re: snort 2.9.0.3 flexresp3 and active-response Russ Combs (Feb 02)
- Re: snort 2.9.0.3 flexresp3 and active-response Michael Scheidell (Feb 02)
- Re: snort 2.9.0.3 flexresp3 and active-response Russ Combs (Feb 02)