[Snort-users] Daq module for wndows

Joel Esler (jesler) jesler at ...589...
Tue Dec 9 18:28:45 EST 2014


We do not support reset or inline functionality in Windows.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos

> On Dec 8, 2014, at 2:03 PM, Argcyborg <argcyborg at ...11827...> wrote:
> 
> Thanks Joel for the replay, do u know any other way to drop a packet with and specific string in windows ?
> Now I can alert if the packet enters, but can´t drop it.
> Im using an app that not work in a Unix based OS.
>  
> Thanks again !
>  
>  
> De: Joel Esler (jesler) [mailto:jesler at ...589...] 
> Enviado el: lunes, 08 de diciembre de 2014 02:36 p.m.
> Para: Argcyborg
> CC: snort-users at lists.sourceforge.net
> Asunto: Re: [Snort-users] Daq module for wndows
>  
> No, Inline mode is not available for Windows.  We recommend a Unix based OS for that.
>  
> --
> Joel Esler
> Open Source Manager
> Threat Intelligence Team Lead
> Talos
>  
>  
>> On Dec 8, 2014, at 11:48 AM, Argcyborg <argcyborg at ...11827... <mailto:argcyborg at ...11827...>> wrote:
>>  
>> Hi, there´s a way to use snort in windows in inline mode ?
>> I need that snort can drop a packet with an specific string on it, is that possible ?
>>  
>> Windows 2003 x64 Enterprise
>> Snort 2.9.70
>>  
>>  
>> Thanks in advance
>> Best regards
>>  
>> Diego.
>> ------------------------------------------------------------------------------
>> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
>> with Interactivity, Sharing, Native Excel Exports, App Integration & more
>> Get technology previously reserved for billion-dollar corporations, FREE
>> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk_______________________________________________ <http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk_______________________________________________>
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net <mailto:Snort-users at ...3783...net>
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users <https://lists.sourceforge.net/lists/listinfo/snort-users>
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users <http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users>
>> 
>> Please visit http://blog.snort.org <http://blog.snort.org/> to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141209/50dc65a4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4881 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141209/50dc65a4/attachment.bin>


More information about the Snort-users mailing list