[Snort-users] Barnyard2 and Snortsam for

Joel Esler (jesler) jesler at ...589...
Mon Dec 15 08:06:59 EST 2014

Afaik, you don't need to add anything to Snort anymore.  It's built into barnyard2

Joel Esler
Sent from my iPhone

On Dec 15, 2014, at 8:02 AM, Ian <snort_list at ...16912...<mailto:snort_list at ...16912...>> wrote:

On 12/12/2014 16:28, Shirkdog wrote:
Good ole' SnortSam. It was a great way to create custom actions and
update your firewall config once a specific alert triggered.

With DAQ and the ability to block in an IPS fashion, I am not sure if
anyone is still using it.

Michael Shirk


We use snortsam extensively here.  Its useful to send out blocks to
other networks that have not yet seen attacks.

We run it as a daemon though, not compiled into snort.



On Fri, Dec 12, 2014 at 10:53 AM, Sec_Aficionado
<secaficionado at ...11827...<mailto:secaficionado at ...11827...>> wrote:
Hello there,

I was looking through Barnyard2's barnyard2.conf file and noticed the section under
# alert fw_sam: allow blocking of IP's through remote services

However, I can't find a Snortsam version for snort later than

Does anyone here know if the project changed name or moved somewhere else for newer snort versions?

As usual, thanks in advance!

Sent from my mobile
Any weird stuff in the message above is autocorrect's fault

Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141215/7d15f109/attachment.html>

More information about the Snort-users mailing list