Re: Daq module for wndows

[waldo kitty <wkitty42 () windstream net>]

On 12/8/2014 2:03 PM, Argcyborg wrote:
> Thanks Joel for the replay, do u know any other way to drop a packet with and
> specific string in windows ?
>
> Now I can alert if the packet enters, but can´t drop it.
>
> Im using an app that not work in a Unix based OS.

why do you have to run snort on that winwhatever box? why not place a *nix based 
snort box between the winwhatever box and the rest of the network? then you can 
drop block or even swizzle the traffic in most any way you please ;)

you'd need another machine with two NICs which you would set for snort to bond 
together with you run it inline... possibly a third NIC for management unless 
you prefer to ssh in or use the local console to manage it...

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!