[Snort-users] New Trend: Intrusion Prevention

Alberto Gonzalez albertg at ...7149...
Fri Dec 13 09:57:07 EST 2002


Well, Intrusion Preventing has hit snort in the form of snortsam[0] 
hogwash[1] and snort-inline[2].
I suggest grabbing and playing with all of the above examples and see 
which one suits your environment
the best. I've been running hogwash for a few months now and just 
started playing with snortsam now that
the pf plugin is here!

Cheers!

    - Alberto

[0] - http://www.snortsam.net
[1] - http://hogwash.sf.net
[2] - http://www.snort.org/dl/contrib/patches/inline/

Sheahan, Paul (PCLN-NW) wrote:

>I attended Infosecurity 2002 yesterday and there was much talk about
>intrusion detection going away, and intrusion prevention replacing it. Does
>anyone know if there are any plans to include intrusion prevention
>functionality into Snort in the future?
>
>Thanks,
>
>Paul Sheahan
>Manager of Information Security
>Priceline.com
>paul.sheahan at ...2218...
>
>
>
>  
>

-- 
The secret to success is to start from scratch and keep on scratching.






More information about the Snort-users mailing list