[Snort-users] running a script when a match is found

Michael Boman michael.boman at ...4162...
Tue May 7 09:14:05 EDT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 07 May 2002 22:23, Lookman Fazal wrote:
> Now what I want to do is, when it writes the sender's IP address in this
> /var/log/snort directory, I want to, at the same time run a script,
> which will take the sender's IP address and telnet to my router and add
> an access-list to deny this sender. How do I invoke a script in snort
> when a pattern matches?
>
> Is there a way to do this?  Any help will be greatly appreciated
>
> --Fazal

I haven't tries this myself, but why not try out SnortSam(.net) that can 
re-configure firewalls and routers.

/Mike

- -- 
Michael Boman
Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd)
http://www.securecirt.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE81/02ds5fQJiraJwRAll0AJ9vTev0XAdmSjAGIqPXlTB4jMsQbgCbBzdO
CC63zmoq77OWuTBSXz6RPjE=
=DEA3
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list