RE: Can snort cut off connections ?
From: Jordan, Jason D. \ (Jason.Jordan_at_honeywell-tsi.com)
Date: 07/13/04
- Previous message: SNAIL945: "RE: Anti-Virus on web facing servers??"
- Maybe in reply to: Juan B: "Can snort cut off connections ?"
- Next in thread: Michael Sconzo: "Re: Can snort cut off connections ?"
- Reply: Michael Sconzo: "Re: Can snort cut off connections ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: 'Juan B' <juanbabi@yahoo.com>, "'security-basics@securityfocus.com'" <security-basics@securityfocus.com> Date: Tue, 13 Jul 2004 12:35:16 -0400
I know there was a project called Hogwash that used the snort engine and could adjust its rule set to block the ip addresses that set the alarm off. I think it used maybe iptables as the firewall on it and snort would just add a block rule for the
offending IP. The only thing was it had to be inline with whatever machine you were protecting.
Dallas Jordan MCSE, CCNA, Security+
Electronics Technician II
Honeywell Technology Solutions
1010 Bankton Drive
Hanahan, SC 29406
843-744-1221 Ext 11
-----Original Message-----
From: Juan B [mailto:juanbabi@yahoo.com]
Sent: Tuesday, July 13, 2004 2:46 AM
To: security-basics@securityfocus.com
Subject: Can snort cut off connections ?
Hi,
I heard that It is possible to change snort to be
active and start droping connections based on
predifined roles. is it true ?
thanks
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: SNAIL945: "RE: Anti-Virus on web facing servers??"
- Maybe in reply to: Juan B: "Can snort cut off connections ?"
- Next in thread: Michael Sconzo: "Re: Can snort cut off connections ?"
- Reply: Michael Sconzo: "Re: Can snort cut off connections ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
