Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Kudos for Snort

From: Jim Campbell <jim () w4bqp net>
Date: Mon, 5 Jun 2017 12:28:25 -0400
I have been using Snort configured as an IPS for my small network for several months. I have a dedicated machine wired between my modem and my firewall. I also use a VPN on the machine that I use for internet access.
Several times during the last few months I have experienced attacks lasting a few hours, usually during the small hours of the night. Snort has apparently thwarted these attacks since neither of my two anti-virus packages has complained.
I mentioned my VPN. During the period of the attacks the VPN exited in California. Wondering if a change of scenery might help I changed my exit node to a country overseas. Not only did the Severity 1 events cease (so far) but the Severity 2 and 3 events dropped by an order of magnitude. (I let Snort alert on some harmless packets to assure me that Snort is "on the job".) 

Kudos to those who provide Snort for us.

Jim

--
"We are not human beings having a spiritual experience;
we are spiritual beings having a human experience."
---Pierre Teilhard de Chardin


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: