nixCraft Linux / UNIX / Shell Scripting Forum

nixCraft

Linux / UNIX Tech Support Forum

Facing an issue with Snort

This is a discussion on Facing an issue with Snort within the Networking, Firewalls and Security forums, part of the Mastering Servers category; PS:Cross posted in different forums for quick response Hi all, recently we installed snort with —enable-inline option and we are ...

Register free or login to your account to remove all advertisements.

Go Back   nixCraft Linux / UNIX / Shell Scripting Forum > Mastering Servers > Networking, Firewalls and Security

Facing an issue with Snort Facing an issue with Snort

Linux answers from nixCraft.

Register FAQ Members List Social Groups Calendar Forgotten your password? Mark Forums Read

Networking, Firewalls and Security No it's not a secret. Talk about firewalls and security issues.

Reply

 

Thread Tools Display Modes
  #1 (permalink)  
Old 10th December 2009, 01:43 PM
kumarat9pm's Avatar
Senior Member
  
Join Date: Jun 2007
Location: Pune,MH,India
OS: RHEL(4/5),UBUNTU..
Scripting language: Bash,PHP,Perl(noob)
Posts: 635
Thanks: 32
Thanked 41 Times in 36 Posts
Rep Power: 8
kumarat9pm is just really nicekumarat9pm is just really nicekumarat9pm is just really nicekumarat9pm is just really nicekumarat9pm is just really nice
Send a message via Yahoo to kumarat9pm Send a message via Skype™ to kumarat9pm
Default Facing an issue with Snort
PS:Cross posted in different forums for quick response
Hi all,
recently we installed snort with —enable-inline option and we are able to queue all the 80 port traffic
We have iptables with ip_queue option as mention in snort
documentation
Here are some of my queries
1)How snort will take packets from the queue(Do we have to configure
snort to take packets from ip queue)
2)Ok all 80 port traffic is taken by snort for analyzing, how snort
will pass the genuine packets which passed the test?(Do we have to
create any rule other then pass rule in snort?)
3)What is the difference between snort with —enable-inline and
snort_inline packages?
4)Where can we use rate_filter, i did not find much documentation on
this.. any one used rate_filter in your configuration? please share
it. Where we have to mention rate_filter? do we have to mention in any
configuration file? if yes what is the configuration file?
Thanks in advance to you all.
__________________
Thanks,
Surendra Kumar Anne
Linux: Fast, friendly, flexible and .... free!
Support Open source.
http://www.linuxnix.com
Reply With Quote
Reply

« Require SNIRT forums/resources | Regarding centralized authentication.. »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads

Thread Thread Starter Forum Replies Last Post
Facing an issue with squid reverse proxy kumarat9pm Proxy Servers 5 15th July 2010 06:00 PM
Facing an issue with a Server kumarat9pm CentOS / RHEL / Fedora 3 4th September 2009 03:56 PM
[Solved] Facing an issue with nagios kumarat9pm Networking, Firewalls and Security 3 21st August 2009 07:15 PM
Facing an issue when installing createrepo kumarat9pm CentOS / RHEL / Fedora 4 30th July 2009 12:58 PM
Facing problem configuring DNS on RHEL 5 mhasan Domain Name Server 1 30th June 2009 10:22 AM


All times are GMT +5.5. The time now is 09:04 AM.

Contact Us - Home - Archive - Privacy Statement - Terms of Service - Top

Powered by vBulletin® Version 3.8.6 - Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.3.2
©2005-2010 nixCraft. All rights reserved

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40