[COLUG] snort does what?
Chris Clonch
chris at theclonchs.com
Sun Feb 11 17:49:53 EST 2007
Vince Herried wrote:
> Will someting like snort or some other tool block
> attempts by IP address?
<snip>
> So the short of it...
> a tool that will watch for attempts against ports 20,21,23,80
> and selectively slam to door shut with out creating a huge
> file of every IP address in Korea,...
>
> Is that tool snort?
Snort Inline is what you're looking for. The original goal of Snort was
an Intrusion Detection System or IDS. This merely detects activity
based on signatures. Luckily, Snort Inline is now part of the main
Snort project:. Check out the documentation at
http://www.snort.org/docs/snort_htmanuals/htmanual_2.4/node7.html.
There are also a few other tools that perform the same task, try
googling for Intrusion Prevention System or IPS.
-Chris
More information about the colug432
mailing list