Re: [Snort-inline-users] To bridge or to route ?

[C.G.Senthilkumar. <che...@cs...>]

> of a denial of service attack. For example, if I know a specific IP
> address is running an active intrusion blocking system, I can spoof an
> attack from microsoft and google, which the active IPS will respond by
> putting the appropriate IP addresses into a block list, either timed or
This is exactly where snort-inline adds value to regular firewalls. It drops
connections based on malicious content/matching rules rather than a black
list of IP addresses.