Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Can someone show an example how to force snort block ssh bruteforce?

From: kay <kay.diam () gmail com>
Date: Mon, 23 Apr 2012 11:06:13 +0400
What do you mean? Snort is an IPS, OSSEC is an IDS. Are you treing to tell
me that I can use snort in inline mode reading OSSEC logs?

20 апреля 2012 г. 21:02 пользователь Ian Bowers <iggdawg () gmail com> написал:


If running inline isn't an option, you can couple snort with software like
OSSEC (free and awesome if you've never used it) and use it's active
response routines to send shuns to firewalls or that sort of thing.


------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: