[Snort-users] Compiling snort for CheckPoint Firewall-1 support

Briggs, Bruce Bruce.Briggs at ...13183...
Tue May 16 18:50:03 EDT 2006


You can use Oinkmaster to update your Snort rules and to keep your rule
modifications intact.
That is how I and many other do this.

Bruce 

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of carlopmart
Sent: Friday, May 12, 2006 5:01 AM
To: Frank Knobbe
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Compiling snort for CheckPoint Firewall-1
support

Hi Frank,

  Yes, correct but I need to modify snort rules by hand if i would to
block some connections with snortsam (and if I launch process to update
snort rules, they are overwritted and I lose my changes). I need to
block connections immediately using snort rules and custom rules.

Frank Knobbe wrote:
> On Thu, 2006-05-11 at 17:19 +0200, carlopmart wrote:
>>   i would like to test snort 2.4.4 release with CheckPoint fw-1
>> (NGR55
>> and NGX) and in-line (snort-inline.sf.net) support. I have used 
>> snortsam last months, but I need a real IPS now thath sends commands 
>> to my firewalls and blocks traffic. How can I compile snort for fw1 
>> support???
> 
> Uhm... that *IS* what Snortsam does. It sends commands to your 
> firewall to block traffic.
> 
> 
> On Thu, 2006-05-11 at 14:29 -0400, Paul Melson wrote: 
>> You can't build Snort with FW-1 specific support like you can with 
>> RealSecure or other commercial products that have OPSEC(tm) support.
> 
> Snortsam provides that OPSEC support, but not straight from Snort. It 
> is interfaced by Snortsam (Snort->Snortsam->FW-1).
> 
> 
> Regards,
> Frank
> 

--
CL Martinez
carlopmart {at} gmail {d0t} com


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services,
security?
Get stuff done quickly with pre-integrated technology to make your job
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache
Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list