[Snort-users] Pulledpork Modify Rules Automatically
jim at w4bqp.net
Wed Jun 14 21:42:23 EDT 2017
Since I last posted here I ended up formatting my hard drive, installing
the latest Ubuntu and installing Snort in IPS mode. However, at the end
of the tutorial on
shows you how to modify the single local rule to drop rather than alert.
There is mention of a future page that will tell how to have Pulledpork
automatically modify all the rules to drop.
My setup is running in inline mode but so far hasn't reported any
packets being flagged. I could sure use some help.
"We are not human beings having a spiritual experience;
we are spiritual beings having a human experience."
---Pierre Teilhard de Chardin
More information about the Snort-users