[Snort-users] New Trend: Intrusion Prevention

Alberto Gonzalez albertg at ...7149...
Fri Dec 13 09:57:07 EST 2002

Well, Intrusion Preventing has hit snort in the form of snortsam[0] 
hogwash[1] and snort-inline[2].
I suggest grabbing and playing with all of the above examples and see 
which one suits your environment
the best. I've been running hogwash for a few months now and just 
started playing with snortsam now that
the pf plugin is here!


    - Alberto

[0] - http://www.snortsam.net
[1] - http://hogwash.sf.net
[2] - http://www.snort.org/dl/contrib/patches/inline/

Sheahan, Paul (PCLN-NW) wrote:

>I attended Infosecurity 2002 yesterday and there was much talk about
>intrusion detection going away, and intrusion prevention replacing it. Does
>anyone know if there are any plans to include intrusion prevention
>functionality into Snort in the future?
>Paul Sheahan
>Manager of Information Security
>paul.sheahan at ...2218...

The secret to success is to start from scratch and keep on scratching.

More information about the Snort-users mailing list