Snort Capabilities

[Kyle Cummings <cummings.kyle.m () gmail com>]

I was wondering if Snort is capable of either of the following:

   1. Deny / terminate requests based on the geographic location of the IP.
   2. Detect and "block" potential DoS / DDoS attacks.

I've tried reading around, and came across several
security.stackexchange.com posts, but they all seem to be from 2013 or
older, and I would imagine that Snort would have evolved significantly
since then.

I know that the former can technically be done by a list of firewall rules.
However, typing and / or maintaining such a list manually is pretty much
pure insanity. So, is there any other method with Snort? Or would I have to
either enter things in manually into the configuration file or maybe write
a script that does it for me?

--
Thanks,
*Kyle M. Cummings*

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!