[Snort-users] From IDS to IPS

Joel Esler (jesler) jesler at ...589...
Mon Apr 7 17:48:16 EDT 2014


I haven’t had the chance to review them yet.


On Apr 7, 2014, at 5:37 PM, Teo En Ming <teo.en.ming at ...11827...<mailto:teo.en.ming at ...11827...>> wrote:

Dear Joel,

Have you posted the manuals which I have written?

Regards,

Teo En Ming


On Tue, Apr 8, 2014 at 4:54 AM, Joel Esler (jesler) <jesler at ...589...<mailto:jesler at ...589...>> wrote:
On Apr 7, 2014, at 4:48 PM, James Lay <jlay at ...13475...<mailto:jlay at ...13810...5...>> wrote:

On 2014-04-07 10:31, Teo En Ming wrote:
Dear James,

May I know what is nfq?

After reading through your email, I still have no idea how to go
about
converting Snort from IDS to IPS.

Could you write a more detailed manual, covering every single step
along the way?

Teo En Ming


NFQ is the linux netfilter queue...basically you setup snort and
netfilter to instead of detect, to block.  I've sent Joel a writeup on
it.


Just posted:

http://www.snort.org/docs

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team


------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140407/c99a5d1f/attachment.html>


More information about the Snort-users mailing list