[Snort-devel] Question about snort alerts

Geries Handal stingddp99 at ...445...
Wed May 11 08:49:13 EDT 2005

Dear snort developers,

I like to know if there is any way to read real time alerts from snort. The 
purpose is because i want to try to write a module that will response to 
some attacks in certain way... For example if i detect a portscan, or a 
worm, etc. i want to send a command to a firewall or cisco router and block 
the attack. I was thinking of using unix domain socket option of snort, but 
i don't know if its the right way to go. Maybe you can help me giving me 
some documentation, tips, reference, etc, anything... tell me how can i 
access the socket using java, c/c++..  I don't want to use any plugins... i 
want to code it my self... directly accessing the socket.. thanks

I will really appreciate any help

Geries Handal

p.s. sorry for not sending the msg in html...thanks to Lamont R. Peterson  
for tip...

Express yourself instantly with MSN Messenger! Download today it's FREE! 

More information about the Snort-devel mailing list