[Snort-users] firewall rules modification based on snort logs
JHally at ...5637...
Tue Jun 10 05:36:09 EDT 2003
There's also a cool little app called SnortSam ( www.snortsam.net
<http://www.snortsam.net> ) that works on both W2K and *nix, and will work
with a boatload of firewalls.
From: Poppi, Sandro [mailto:Sandro.Poppi at ...3316...]
Sent: Tuesday, June 10, 2003 6:13 AM
To: 'Gaurav Kumar'; snort-users at lists.sourceforge.net
Subject: AW: [Snort-users] firewall rules modification based on snort logs
You might take a look at guardian:
Looking in snort's web site's contrib section is so much fun >;)
hello snort user...
i was wondering if some script or tool is avaliable to modify the firewall
rules based on snort logs (i am using mysql database for snort logging).
for example is someone is ping flooding my server, tool will read the logs
from snort and modify the iptable rule to DENY the ip address to access my
E-mail - gaurav at ...9415... <mailto:gaurav at ...9415...>
Phone - +91-40-23555942, 23556538
[This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.]
Do you Yahoo!?
Free online <http://us.rd.yahoo.com/mail_us/tag/*http://calendar.yahoo.com>
calendar with sync to Outlook(TM).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users