[Snort-users] Fw: Snort Malicious Traffic Redirection to other IP

mehrdad hajizadeh mehrdad_richman at ...131...
Wed Apr 1 01:53:13 EDT 2015

Actually, in this special case I wanna separate and send malicious traffic for further analysis in other machine  (honeypot machine or get DPI service from central DPI machine).

      On Tuesday, March 31, 2015 4:47 PM, Joel Esler (jesler) <jesler at ...5925...9...> wrote:

 Why not put Snort inline and drop the malicious traffic totally?
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos Group

On Mar 31, 2015, at 1:17 AM, mehrdad hajizadeh <mehrdad_richman at ...131...> wrote:

Hello All,
I was wondering if somebody help me , how I can redirect malicious traffic to the other IP or host with Snort.Is it possible in snort to redirect specific traffic (the traffic which is matched with snort attack signature ) to the one specific computer? I just wanna to separate malicious traffic with normal traffic by snort..Tnx in advance
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150401/62bf9529/attachment.html>

More information about the Snort-users mailing list