Menu
▾
▴
[Snort-inline-users] new user - need documents
|
From: <lok...@ac...> - 2005-02-15 14:53:24
|
Hi=20 =20 I have installed snort ( not snort-inline ) on Enterprise Redhat with ACID. I can see packets matching rules are getting logged in Mysql Database.=20 But I didn't see any action on those packets. After sending mail to snort mailing list I found that I need to use snort in INLINE mode.=20 I read INLINE mode document on http://snort-inline.sourceforge.net/index.html. As per this document snort-inline can send a TCP RST packet to drop that session which is matching rule. But I am not finding more documents on that. Is there any other web site for that, I need to see how snort-inline is different than snort ? and how snort-inline takes action ? =20 Cordially, LK |
