Snort mailing list archives
Kudos for Snort
From: Jim Campbell <jim () w4bqp net>
Date: Mon, 5 Jun 2017 12:28:25 -0400
I have been using Snort configured as an IPS for my small network for several months. I have a dedicated machine wired between my modem and my firewall. I also use a VPN on the machine that I use for internet access.
Several times during the last few months I have experienced attacks lasting a few hours, usually during the small hours of the night. Snort has apparently thwarted these attacks since neither of my two anti-virus packages has complained.
I mentioned my VPN. During the period of the attacks the VPN exited in California. Wondering if a change of scenery might help I changed my exit node to a country overseas. Not only did the Severity 1 events cease (so far) but the Severity 2 and 3 events dropped by an order of magnitude. (I let Snort alert on some harmless packets to assure me that Snort is "on the job".)
Kudos to those who provide Snort for us. Jim -- "We are not human beings having a spiritual experience; we are spiritual beings having a human experience." ---Pierre Teilhard de Chardin ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Kudos for Snort Jim Campbell (Jun 05)
- Re: Kudos for Snort James Lay (Jun 06)
- Re: Kudos for Snort Joel Esler (jesler) (Jun 06)
- Re: Kudos for Snort James Lay (Jun 06)