[Snort-users] Guardian with Snort - Help
ira at ...9134...
Fri May 9 05:58:22 EDT 2003
I am new to Snort and to this list.
I have setup Snort successfully and now trying to setup "Guardian". Couldn't
find and list for Guardian..
I am running FreeBSD based firewall with three interfaces (Internal,
External and DMZ).
My External and DMZ are on the same C class which has been subneted. Now in
my Guardian.ignore file, I have defined my external C class.
Snort is producing Attack Alerts and Guardian is detecting it. But instead
of block the attack it's producing the following log message
Odd.. source = Attacker's IP, dest = (My Class Address) - No action done.
Any help will be appreciated.
Burdett Buckeridge Young Limited
A participating organisation of the Australian Stock Exchange
Level 17, 60 Margaret St
Sydney NSW 2000
Direct: +61 2 9226 0059
Fax: +61 2 9226 0066
Email: ira at ...9134...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users