[Snort-users] Portsentry and Snort
Ralf.Hildebrandt at ...821...
Wed Mar 7 09:42:45 EST 2001
On Wed, Mar 07, 2001 at 09:07:32AM -0500, Bob Staaf wrote:
> Is anyone out there running Snort and Portsentry together? The problem
> I am having is that Portsentry blocks port scans before Snort can even see
Frankly, I'd say portsentry is crap. If you really insist on adding "drop"
routes for IP's offending your server, you can do that with snort (at least
I think one can execute programs as a response to triggering of a rule).
> I have dabbled with setting up an ipchains firewall in the
> past but, am not sure whether I will get the same results in that it will
> block scans before Snort can see them.
ralf.hildebrandt at ...821...
System Engineer innominate AG
Diplom-Informatiker the linux architects
tel: +49.30.308806-62 fax: -698 www.innominate.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 240 bytes
Desc: not available
More information about the Snort-users