Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Pulledpork Modify Rules Automatically

From: Jim Campbell <jim () w4bqp net>
Date: Wed, 14 Jun 2017 21:42:23 -0400
Since I last posted here I ended up formatting my hard drive, installing the latest Ubuntu and installing Snort in IPS mode. However, at the end of the tutorial on http://sublimerobots.com/2016/02/snort-ips-inline-mode-on-ubuntu/ it shows you how to modify the single local rule to drop rather than alert. There is mention of a future page that will tell how to have Pulledpork automatically modify all the rules to drop.
My setup is running in inline mode but so far hasn't reported any packets being flagged. I could sure use some help. 

Thanks,

Jim

--
"We are not human beings having a spiritual experience;
we are spiritual beings having a human experience."
---Pierre Teilhard de Chardin

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: