>Dear all, >1- can i use snort inline+iptables in router (no bridge) mode under linux? Snippet copied from one of the mail that I received from mailing list. ------------------------------------------------------- There are active-response modules for Snort available.
Snort can do content-detection; with active response, the packets could be dropped / filtered / redirected. Michael T. Babcock Triple PC Ltd. ------------------------------------------------------- To use it with IPTABLES you need to patch the kernel and netfilter to support Hex search. Thanks Dhruv ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
