[Snort-users] (no subject)
dowling_denis at ...125...
Thu Nov 22 21:52:02 EST 2001
I'm looking at snort as a solution to a problem I've been given. Basically, we have a PCAnywhere machine on our corporate LAN. We want to allow an external company to access this machine for software updates. Obviously this is a security risk so we are looking at solutions that will eliminate this risk. One is to configure a linux firewall with scripts to disable all traffic (except PCAnywhere) using iptables when PCAnywhere traffic is detected and to enable all other traffic when no PCAnywhere traffic is detected. I'm looking at snort as the means of detecting the traffic but my question is can I configure snort to execute a script that will run iptables to disable all other traffic?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users