[COLUG] snort does what?

[Vince Herried]

I've peeked at the overview, doesn't help much.


Occasionally I like to open my ftp port for non-anonymous access.
The other day I had left if open for a few days and someone started beating on
it for several hours trying to guess a userid and password.

Some time ago there was a thread here about ad hock tools that would 
block access by IP address (which seemed to me to be a wasted effort).

Will someting like snort or some other tool block 
attempts by IP address? What I'm thinking is if they put the entry
in an easily accessable place (database) so one could purge the entries
after a week or month or ...

My guess is that when the door slams shut quickly, the cracker  will just
find another place to play.

So the short of it...
a tool that will watch for attempts against ports 20,21,23,80
and selectively slam to door shut with out creating a huge
file of every IP address in Korea,...

Is that tool snort?

I'll go back to reading about snort some more but I don't want to have to
learn yet another language and spend several dozen hours....


v