Snort mailing list archives
Snort Capabilities
From: Kyle Cummings <cummings.kyle.m () gmail com>
Date: Thu, 26 May 2016 15:48:56 -0600
I was wondering if Snort is capable of either of the following: 1. Deny / terminate requests based on the geographic location of the IP. 2. Detect and "block" potential DoS / DDoS attacks. I've tried reading around, and came across several security.stackexchange.com posts, but they all seem to be from 2013 or older, and I would imagine that Snort would have evolved significantly since then. I know that the former can technically be done by a list of firewall rules. However, typing and / or maintaining such a list manually is pretty much pure insanity. So, is there any other method with Snort? Or would I have to either enter things in manually into the configuration file or maybe write a script that does it for me? -- Thanks, *Kyle M. Cummings*
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Capabilities Kyle Cummings (May 26)
- Re: Snort Capabilities wkitty42 (May 26)