Network Security: Detailed info on Re: Integrating iptables with Snort

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Firewalls

[Top] [All Lists]

Re: Integrating iptables with Snort

from [Serg Belokamen] Network Security

[Permanent Link]

Subject:	Re: Integrating iptables with Snort
Date:	Thu, 19 May 2005 10:10:29 +1000

There are few scripts on freshmeat.net that do what you want.

If you want to do something like IPS and convert Snort rules to
Netfilter rules, you may also be interested in Netfilters string match
module and once again take a peek at freshmeat.net.

I am 100% sure I have seen something like that there.  On that note,
incase you are building an IPS, make sure you fine tune it, other wise
you will get an very lage ammount of false positivs and lagitimate
traffic loss.

Cheers,
   Serg 

On 18/05/05, Shang Goh <shanggoh@gmail.com> wrote:

Snort-Inline does that already? Or do you mean something else?

Th4r

On 5/17/05, Amir Effat <amireffat@gmail.com> wrote:

Hi all,
I am working on a project about integrating iptables with Snort.
Any hints or suggestions?

Thanks

Amir

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Integrating iptables with Snort, Amir Effat Re: Integrating iptables with Snort, Shang Goh Re: Integrating iptables with Snort, Serg Belokamen <= Re: Integrating iptables with Snort, Jon D Re: Integrating iptables with Snort, Matt Baker RE: Integrating iptables with Snort, Jeff Dell Re: Integrating iptables with Snort, Bartosz Krajnik Re: Integrating iptables with Snort, Jose Maria Lopez Hernandez

Previous by Date:	RE: Fortigate 100 w/ Websense, Steven Jones
Next by Date:	Re: Nokia FW HA monitoring, nil
Previous by Thread:	Re: Integrating iptables with Snort, Shang Goh
Next by Thread:	Re: Integrating iptables with Snort, Jon D
Indexes:	[Date] [Thread] [Top] [All Lists]