RE: Snort inline and iptables
From: Soi, Dhruv (dsoi_at_ipolicynetworks.com)
Date: 08/22/05
- Previous message: Michal Melewski: "Re: Snort inline and iptables"
- Maybe in reply to: afshinlamei_at_gmail.com: "Snort inline and iptables"
- Next in thread: Ratnakumar C H: "Re: Snort inline and iptables"
- Reply: Ratnakumar C H: "Re: Snort inline and iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Aug 2005 16:04:49 +0530 To: <afshinlamei@gmail.com>, <focus-ids@securityfocus.com>
>Dear all,
>1- can i use snort inline+iptables in router (no bridge) mode under linux?
Snippet copied from one of the mail that I received from mailing list.
-------------------------------------------------------
There are active-response modules for Snort available.
Snort can do content-detection; with active response, the packets could
be dropped / filtered / redirected.
Michael T. Bab***
Triple PC Ltd.
-------------------------------------------------------
To use it with IPTABLES you need to patch the kernel and netfilter to support Hex search.
Thanks
Dhruv
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
- Previous message: Michal Melewski: "Re: Snort inline and iptables"
- Maybe in reply to: afshinlamei_at_gmail.com: "Snort inline and iptables"
- Next in thread: Ratnakumar C H: "Re: Snort inline and iptables"
- Reply: Ratnakumar C H: "Re: Snort inline and iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
