[Snort-users] [SUSPECTED SPAM] Problem in snort

Carter Waxman (cwaxman) cwaxman at cisco.com
Mon Mar 4 15:35:19 EST 2019


--treat-drop-as-alert will enable drop rules for passive deployments

From: Snort-users <snort-users-bounces at lists.snort.org> on behalf of Lucero Guerrero Flores <lucero.guerrero at ipicyt.edu.mx>
Date: Monday, March 4, 2019 at 2:01 PM
To: "Al Lewis (allewi)" <allewi at cisco.com>
Cc: "snort-users at lists.snort.org" <snort-users at lists.snort.org>
Subject: Re: [Snort-users] [SUSPECTED SPAM] Problem in snort

Thank you for the clarification.

El lun., 4 mar. 2019 a las 12:26, Al Lewis (allewi) (<allewi at cisco.com<mailto:allewi at cisco.com>>) escribió:
Snort will have to be run inline for the blocks/drops/resets to work effectively.


Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
Cisco Systems Inc.
Email: allewi at cisco.com<mailto:allewi at cisco.com>


From: Lucero Guerrero Flores <lucero.guerrero at ipicyt.edu.mx<mailto:lucero.guerrero at ipicyt.edu.mx>>
Date: Monday, March 4, 2019 at 1:18 PM
To: "Al Lewis (allewi)" <allewi at cisco.com<mailto:allewi at cisco.com>>
Cc: "snort-users at lists.snort.org<mailto:snort-users at lists.snort.org>" <snort-users at lists.snort.org<mailto:snort-users at lists.snort.org>>
Subject: Re: [SUSPECTED SPAM] [Snort-users] Problem in snort


No, the snort that installs this in IDS mode

El lun., 4 mar. 2019 a las 12:12, Al Lewis (allewi) (<allewi at cisco.com<mailto:allewi at cisco.com>>) escribió:
Are you running snort inline?

Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
Cisco Systems Inc.
Email: allewi at cisco.com<mailto:allewi at cisco.com>


From: Snort-users <snort-users-bounces at lists.snort.org<mailto:snort-users-bounces at lists.snort.org>> on behalf of Lucero Guerrero Flores <lucero.guerrero at ipicyt.edu.mx<mailto:lucero.guerrero at ipicyt.edu.mx>>
Date: Monday, March 4, 2019 at 1:11 PM
To: "snort-users at lists.snort.org<mailto:snort-users at lists.snort.org>" <snort-users at lists.snort.org<mailto:snort-users at lists.snort.org>>
Subject: [SUSPECTED SPAM] [Snort-users] Problem in snort


Good afternoon. I have a question regarding Snort 2.9.12 installed on ubuntu server 18.04. I have installed Snort without any problem, but when I try to edit the rules with drop or block it seems that it is not taking them into account and only the one that is reflected is the one of "alert" since that one works without any problem. I hope you can solve my doubt. Thank you. regards

--
--
   TSU. Lucero Guerrero Flores
   Analista de seguridad informática


    Instituto Potosino de Investigación Científica y Tecnológica, A.C.


    Camino a la Presa San José 2055, Lomas 4a. secc.


   Ext.2716  Cel. (444)1206676




   [Image removed by sender. Resultado de imagen para imagen  de cns-ipicyt]



    www.cns-ipicyt.mx<http://www.cns-ipicyt.mx/>


--
--
   TSU. Lucero Guerrero Flores
   Analista de seguridad informática


    Instituto Potosino de Investigación Científica y Tecnológica, A.C.


    Camino a la Presa San José 2055, Lomas 4a. secc.


   Ext.2716  Cel. (444)1206676




   [Image removed by sender. Resultado de imagen para imagen  de cns-ipicyt]



    www.cns-ipicyt.mx<http://www.cns-ipicyt.mx/>


--
--
   TSU. Lucero Guerrero Flores
   Analista de seguridad informática


    Instituto Potosino de Investigación Científica y Tecnológica, A.C.


    Camino a la Presa San José 2055, Lomas 4a. secc.


   Ext.2716  Cel. (444)1206676




   [Image removed by sender. Resultado de imagen para imagen  de cns-ipicyt]



    www.cns-ipicyt.mx<http://www.cns-ipicyt.mx/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190304/17983d47/attachment.html>


More information about the Snort-users mailing list