Snort mailing list archives
RE: SHUN
From: "Mike Koponick" <mike () redhawk info>
Date: Tue, 26 Nov 2002 10:58:19 -0800
Frank, Thanks for the info. Mike -----Original Message----- From: Frank Knobbe [mailto:fknobbe () knobbeits com] Sent: Tuesday, November 26, 2002 10:55 AM To: Mike Koponick Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] SHUN On Tue, 2002-11-26 at 11:48, Mike Koponick wrote:
Does SNORT support adding commands to firewalls? As an example, if I received a BAD packet, I would like to add a filter based on that information to my firewall. I understand that SNORT cannot decide which packets are bad, but I would think we would be able to trace an issue once the command has been executed.
Mike, Snort can do that through the use of SnortSam. SnortSam can shun on Cisco routers and various firewalls. See http://www.snortsam.net for more info. Regarding Snort deciding what is bad, well, Snort is an IDS and it is the job of an IDS to flag certain packets/connections as 'bad' in that sense that they match a signature or a rule. Regards, Frank ------------------------------------------------------- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Alerting and Reporting tools Scott, Joshua (Nov 25)
- RE: SHUN ams67 (Dec 02)
- RE: SHUN Frank Knobbe (Dec 02)
- RE: SHUN ams67 (Dec 02)
- Re: SHUN Alberto Gonzalez (Dec 02)
- Re: SHUN Frank Knobbe (Dec 02)
- Re: SHUN Alberto Gonzalez (Dec 03)
- RE: SHUN ams67 (Dec 02)
- Re: SHUN Alberto Gonzalez (Dec 03)
- RE: SHUN Frank Knobbe (Dec 03)
- RE: SHUN ams67 (Dec 03)