'[ossec-list] Re: Block by destination ip'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ossec-list
Subject:    [ossec-list] Re: Block by destination ip
From:       "Rodrigo Montoro(Sp0oKeR)" <spooker () gmail ! com>
Date:       2008-10-27 22:07:33
Message-ID: 9255886c0810271507u9402bbfi9fa2cbd32b7e77bb () mail ! gmail ! com
[Download RAW message or body]

Hi Aba3k,
I wrote a paper about ossec + snort sometime ago and I think it could help
you

http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf

Regards,

Rodrigo Montoro(Sp0oKeR)

On Fri, Oct 24, 2008 at 8:59 PM, aba3k <aba3000@gmail.com> wrote:

>
> It's possible? I'm using snort + ossec, but i don't want to block my
> network, then they in the whitelist. But i want to block unauthorized
> access (caught by snort) to the internet.
>



-- 
===========================
Rodrigo Montoro (Sp0oKeR)
Intrusion Detection Analyst
SnortCP / RHCE / LPIC-I / MCSO
http://www.spooker.com.br
http://www.snort.org.br
http://www.linkedin.com/in/spooker
===========================

[Attachment #3 (text/html)]

Hi Aba3k,<div><br></div><div>I wrote a paper about ossec + snort sometime ago and I \
think it could help you&nbsp;</div><div><br></div><div><a \
href="http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf">http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf</a></div>
 <div><br></div><div>Regards,</div><div><br></div><div>Rodrigo \
Montoro(Sp0oKeR)<br><br><div class="gmail_quote">On Fri, Oct 24, 2008 at 8:59 PM, \
aba3k <span dir="ltr">&lt;<a \
href="mailto:aba3000@gmail.com">aba3000@gmail.com</a>&gt;</span> wrote:<br> \
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex;"><br> It&#39;s possible? I&#39;m using snort + ossec, but i \
don&#39;t want to block my<br> network, then they in the whitelist. But i want to \
block unauthorized<br> access (caught by snort) to the internet.<br>
</blockquote></div><br><br clear="all"><br>-- \
<br>===========================<br>Rodrigo Montoro (Sp0oKeR)<br>Intrusion Detection \
Analyst<br>SnortCP / RHCE / LPIC-I / MCSO<br><a \
href="http://www.spooker.com.br">http://www.spooker.com.br</a><br> <a \
href="http://www.snort.org.br">http://www.snort.org.br</a><br><a \
href="http://www.linkedin.com/in/spooker">http://www.linkedin.com/in/spooker</a><br>===========================<br>
 </div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic