[Snort-users] Snort Malicious Traffic Redirection to other IP

Joel Esler (jesler) jesler at ...589...
Tue Mar 31 10:47:39 EDT 2015

Why not put Snort inline and drop the malicious traffic totally?

Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos Group

On Mar 31, 2015, at 1:17 AM, mehrdad hajizadeh <mehrdad_richman at ...131...<mailto:mehrdad_richman at ...131...>> wrote:

Hello All,

I was wondering if somebody help me , how I can redirect malicious traffic to the other IP or host with Snort.
Is it possible in snort to redirect specific traffic (the traffic which is matched with snort attack signature ) to the one specific computer? I just wanna to separate malicious traffic with normal traffic by snort..
Tnx in advance

Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150331/be96b3ce/attachment.html>

More information about the Snort-users mailing list