Snort is running, now what ?

News

Retiring eBay CEO Running for CA Governor

Published on January 25, 2008

Sacramento (CA) - eBay Chief Executive Meg Whitman is already making her post-retirement plans and could be running for California governorship in 2010. According to the Los Angeles Times, 51-year-old Whitman has been talking to top Republican leaders Read more

Nokia, Qualcomm Settle Long-running Dispute

Published on July 24, 2008

The legal salvos between Nokia and Qualcomm stopped months ago, part of what officials at the wireless industry heavyweights described as a truce in a long-running battle that spanned three continents. Read more

Obama to Announce Running-Mate via Email

Published on August 13, 2008

Presidential candidate Barack Obama has announced supporters that are signed up to his email service will be the "first to know" who he chooses as his running-mate. Read more

Google Wins Wireless Spectrum Auction By Losing

Published on February 08, 2008

Google may have never wanted to build a nationwide wireless network after all. Read more

Latest Reviews

Portable Photo Printer Roundup

Published on October 02, 2008

Relive your summer vacation this fall with one of these portable photo printers from Canon, HP, Epson, Sony and Polaroid. Read more

WD ShareSpace NAS Brings IT Home

Published on September 30, 2008

Western Digital's new ShareSpace NAS comes equipped with 4TB and three flavors of RAID, but is it too complicated for a home or tiny office? Read more

Beyond iPhone: Touchy-Feely Tech

Published on September 29, 2008

The iPhone, Microsoft Surface and Blackberry Storm are only the newest touchscreen devices to tickle our fancy. How did the revolution start? Read more

Toshiba Tecra A9: Gets the Job Done

Published on September 23, 2008

Toshiba focuses on business customers with its A9 notebook computer, a solid performer with all the essentials—but not much innovation. Read more

Google Ads

Tom's Guide > Forums > Firewall > Snort is running, now what ?

Tom's Guide Forums

Tom's Guide Forums » General Networking » Firewall » Snort is running, now what ?

Show comments: By default All Good ratings Poor ratings

Word : Username : Filter :
Bottom
Author	Thread : Snort is running, now what ?

Acey

More Information

06-15-2004 at 07:02:32 AM

Archived from groups: comp.security.firewalls (More info?)

Greetings,

Here is my lan :

Router
-> Machine 1 with port 22 open (linux)
-> Machine 2 with port 80 open (linux)

I put snort on Machine 2 to detect hack attempts on the webserver.

Say somone try to hack my apache, Snort fill an entry in the alert
file.
Ok.

Now, How can I take active mesures ?
I thought of doing the following but maybe this was done already :
Snort sends a packet to the a socket to a program listening on the
port.
The program add the ip adress in the /etc/hosts.deny file.

is that enough ?
does a program doing this already exist ?
can snort do it himself (i am currently reading the snort
documentation but din't find anything yet)

thanks for your help

Go to:

Tom's Guide Forums » General Networking » Firewall » Snort is running, now what ?

Page generated in 0.284 seconds

Google ads