Re: Snort & iptables on the same box
From: snort user (snort.user_at_gmail.com)
Date: 06/14/05
- Previous message: Kelly Dowd: "Re: Vulnerability & Exploit Signatures"
- In reply to: Jean-Pierre Denis: "Snort & iptables on the same box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 13 Jun 2005 18:25:04 -0400 To: Jean-Pierre Denis <jp@webglobe.ca>
Iptables has a bunch of rules
one of them will say 'forward to QUEUE'
Snort picks up from this QUEUE and marks it PASS or BLOCK
Iptables actually drops on that decision
Other IPtables rules are not affected
On 6/10/05, Jean-Pierre Denis <jp@webglobe.ca> wrote:
> Hi,
>
>
> When running snort and iptables on the same box, which of the 2 act first ?
>
> Those it go thru snort and then the iptable rule allow or deny the
> connection
> or it's the other way around
>
>
> Merci,
> JP
>
>
> -----------------------------------------
> WebMail Powered by WebGlobe.
> http://www.webglobe.ca
>
>
> --------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from
> CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> --------------------------------------------------------------------------
>
>
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Previous message: Kelly Dowd: "Re: Vulnerability & Exploit Signatures"
- In reply to: Jean-Pierre Denis: "Snort & iptables on the same box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
