[Snort-users] howto convert snort alerts in to iptables rules? (like fail2ban does)

Joost Ringoot joost.ringoot at meteo.be
Fri Jun 21 06:14:39 EDT 2019


Hello, 

Does anyone of you have experience in converting snort alerts into iptables rules, ... like fail2ban does? 

Did it work? 

If you think it is unfeasible or a bad idea, please explain. 

Thanks, 

Joost 



KMI - IRM 
Joost RINGOOT 
System Administrator 
Koninklijk Meteorologisch Instituut 
Institut Royal Météorologique 
Ringlaan 3 Avenue Circulaire 
1180 Brussel | Bruxelles 
+32 (0)2 373 06 75 
after office hours: 
+32 (0)2 373 06 83 
[ https://www.meteo.be/ | www.meteo.be ] 
[ https://www.facebook.com/kmi.be/ ] [ https://www.facebook.com/www.meteo.be/ ] 

Pensez à l'environnement, n'imprimez ce mail que si nécessaire 
Denk aan het milieu, print deze mail niet af tenzij echt nodig 
[ http://ec.europa.eu/environment/emas/register/search/registration.do?registrationId=582580 ] 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190621/f729594d/attachment.html>


More information about the Snort-users mailing list