[Snort-users] Syntax for alert_unixsock

Henrik Sandklef henrik at ...2202...
Fri Jun 8 19:29:05 EDT 2001


Hi!

As a response to portscans I use iptables to drop the IPs (that made the
portscan). So far I've been doing it every now and then, but I want to do it
right away when snort finds out about the portscan. I found the
alert_unixsock would be useful, to communicate with a simple
server/daemon reading from a specified socket and thereafter invoking
iptables...

BUT I can't find a description for the syntax of alert_unixsock, does
anybody know where to find docs for this?
Is alert_unixsock obsoleted or still not implemented?
Is there a better way to invoke a program from snort than using
alert_unixsock?



