[Snort-users] running a script when a match is found
michael.boman at ...4162...
Tue May 7 09:14:05 EDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 07 May 2002 22:23, Lookman Fazal wrote:
> Now what I want to do is, when it writes the sender's IP address in this
> /var/log/snort directory, I want to, at the same time run a script,
> which will take the sender's IP address and telnet to my router and add
> an access-list to deny this sender. How do I invoke a script in snort
> when a pattern matches?
> Is there a way to do this? Any help will be greatly appreciated
I haven't tries this myself, but why not try out SnortSam(.net) that can
re-configure firewalls and routers.
Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the Snort-users