Re: It is possible to execute NIPS and NIDS together?

["Cynthia Leonard \(cyleonar\) via Snort-users" <snort-users () lists snort org>]

Hi Younes,
If you run Snort in NIPS mode , that should help you detect and block the attacks.  You can initially start with rule 
action as alert, if you want to only view the alerts, then you can change the rule action from alert -> drop if you 
want to block the attacks after taking a look at the alerts.

Regards
Cynthia


From: Snort-users [mailto:snort-users-bounces () lists snort org] On Behalf Of Younes Abderrahmane via Snort-users
Sent: Friday, June 1, 2018 10:15 PM
To: snort-users () lists snort org
Subject: [Snort-users] It is possible to execute NIPS and NIDS together?

Hello everyone ,

Is it possible to install snort in a machine as being NIDS to generate alerts and store them in the database (I have 
already made this stage using Barnyard2  and  MySQL database ) ,
and in the second machine as being NIPS to block the traffic generates by this NIDS?


my goal is to save the alerts in a MySQL database, and then block the attack attempts that generated these alerts.
I do not know if NIDS is able to do these two options (generate alerts and block attacks), that's why I thought about 
using a NIPS with NIDS.
it's possible


Thank you.

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette