[Snort-users] Snort and Brdiging Firewall

Allan Dover bigaldover at ...125...
Wed Apr 2 19:31:28 EST 2003


Hey Fellow Snorters,

I put togeteher a new RH 8.0 Linux box.
Set up Snort 2.0 with ACID and MySQL, works great.
Im running it as my main IDS now.
although I still Have 1.91 running on another Linux Box.
I have patched my kernel and have enabled Bridging and Netfiler Firewall 
support.  I am trying to figure out where to go next.  Snort is catching 
everything coming in the nextwork very efficiently, I want to have snort 
dynamically change the IPTABLES so if one of the users tries to launch 
Kazaa, Snort would log the attempt and dynamically block that users from 
using Kazaa and so on.

Anyone do anything similar to this ?

Any help is greatly appreciated.

Allan
bigaldover at ...125...

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail





More information about the Snort-users mailing list