Security Basics mailing list archives
RE: Can snort cut off connections ?
From: "Jordan, Jason D. \"Dallas\"" <Jason.Jordan () honeywell-tsi com>
Date: Tue, 13 Jul 2004 12:35:16 -0400
I know there was a project called Hogwash that used the snort engine and could adjust its rule set to block the ip addresses that set the alarm off. I think it used maybe iptables as the firewall on it and snort would just add a block rule for the offending IP. The only thing was it had to be inline with whatever machine you were protecting. Dallas Jordan MCSE, CCNA, Security+ Electronics Technician II Honeywell Technology Solutions 1010 Bankton Drive Hanahan, SC 29406 843-744-1221 Ext 11 -----Original Message----- From: Juan B [mailto:juanbabi () yahoo com] Sent: Tuesday, July 13, 2004 2:46 AM To: security-basics () securityfocus com Subject: Can snort cut off connections ? Hi, I heard that It is possible to change snort to be active and start droping connections based on predifined roles. is it true ? thanks __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Can snort cut off connections ? Juan B (Jul 13)
- Re: Can snort cut off connections ? Zoran Perkov (Jul 13)
- Re: Can snort cut off connections ? Dan Daggett (Jul 13)
- RE: Can snort cut off connections ? Jason Haith (Jul 13)
- RE: Can snort cut off connections ? dbs (Jul 15)
- <Possible follow-ups>
- RE: Can snort cut off connections ? Dave Torre (Jul 13)
- RE: Can snort cut off connections ? Jordan, Jason D. "Dallas" (Jul 13)
- Re: Can snort cut off connections ? Michael Sconzo (Jul 14)