[Snort-users] UPDATE: flexresp2 (new and improved active response for Snort)

Jeff Nathan jeff at ...950...
Thu Sep 4 11:56:35 EDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Thursday, September 4, 2003, at 04:49 AM, Francis A. Vidal wrote:

> Jeff,
>
> Any chance you can make the patch work cleanly with the FreeBSD port?
> Thanks.

Francis,

This is mostly dependent upon which version of Snort is in the FreeBSD 
ports tree.  If it's a relatively recent version you should be able to 
run "make extract" on the Snort port and once that has finished apply 
the patch I created.  After you've applied the patch you'll have to 
edit the port's Makefile and either add a flavor for flexresp2 or 
modify the flexresp flavor to pass "--enable-flexresp2" instead of 
"--enable-flexresp".

I don't have a FreeBSD box handy, I'm not sure which version of FreeBSD 
you're running and I'm not sure which version of Snort they've got in 
their ports tree.  However, you should be able to get this working 
without too much trouble.

- -Jeff

- --
Top security experts.  Cutting edge tools, techniques and information.
Tokyo, Japan   November, 2003   http://www.pacsec.jp

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iD8DBQE/V3k6Eqr8+Gkj0/0RAiJQAKC79jakbw5AIO85uj7XtKKH/fX7nACgqJPj
01Yl5Yo2t4olNNLrHc/vfZc=
=Ddyo
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list