Menu
▾
▴
Re: [Snort-inline-users] how to get snort_inline rules
|
From: Matt J. <jo...@jo...> - 2008-05-12 12:25:20
|
BTW: We (at emergingthreats.net) have considered some specific inline modified rulesets. We've tried to make these, but it always comes doen to the fact that what to block, how long to block are just too personal or organizationally specific. These are not decisions anyone can make for you. Not even on a very general level unfortunately. Matt Will Metcalf wrote: > There is not a specific set of snort_inline rules that I am aware of. > You can use the VRT, community, and emergingthreats.net rules and > modify them to use inline specific actions such as drop or reject etc. > If you want to make mass rule changes oinkmaster can help you > accomplish this. http://oinkmaster.sourceforge.net/ > > Regards, > > Will > > On Mon, May 12, 2008 at 5:28 AM, vishal_nitr <vis...@re...> wrote: >> Hi ALL, >> I am a new comer in the snort_inline community and want to use >> snort_inline as an IPS. I searched for the rules but I got only snort rules >> not the snort_inline rules. >> can any body help me in getting snort_inline rules and how to use them ? >> >> Thank You. >> >> Thanks and Regards, >> Vishal Kotalwar, >> Software Engineer, >> Aricent, >> Chennai-35. >> 09884074047. >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference >> Don't miss this year's exciting event. There's still time to save $100. >> Use priority code J8TL2D2. >> >> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone >> _______________________________________________ >> Snort-inline-users mailing list >> Sno...@li... >> https://lists.sourceforge.net/lists/listinfo/snort-inline-users >> >> > > ------------------------------------------------------------------------- > This SF.net email is sponsored by the 2008 JavaOne(SM) Conference > Don't miss this year's exciting event. There's still time to save $100. > Use priority code J8TL2D2. > http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone > _______________________________________________ > Snort-inline-users mailing list > Sno...@li... > https://lists.sourceforge.net/lists/listinfo/snort-inline-users -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc |
