[prev in list] [next in list] [prev in thread] [next in thread]
List: ossec-list
Subject: [ossec-list] Re: Block by destination ip
From: "Rodrigo Montoro(Sp0oKeR)" <spooker () gmail ! com>
Date: 2008-10-27 22:07:33
Message-ID: 9255886c0810271507u9402bbfi9fa2cbd32b7e77bb () mail ! gmail ! com
[Download RAW message or body]
Hi Aba3k,
I wrote a paper about ossec + snort sometime ago and I think it could help
you
http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf
Regards,
Rodrigo Montoro(Sp0oKeR)
On Fri, Oct 24, 2008 at 8:59 PM, aba3k <aba3000@gmail.com> wrote:
>
> It's possible? I'm using snort + ossec, but i don't want to block my
> network, then they in the whitelist. But i want to block unauthorized
> access (caught by snort) to the internet.
>
--
===========================
Rodrigo Montoro (Sp0oKeR)
Intrusion Detection Analyst
SnortCP / RHCE / LPIC-I / MCSO
http://www.spooker.com.br
http://www.snort.org.br
http://www.linkedin.com/in/spooker
===========================
[Attachment #3 (text/html)]
Hi Aba3k,<div><br></div><div>I wrote a paper about ossec + snort sometime ago and I \
think it could help you </div><div><br></div><div><a \
href="http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf">http://www.dynsec.com.br/arquivos/ossec-snort-activeresponse_english.pdf</a></div>
<div><br></div><div>Regards,</div><div><br></div><div>Rodrigo \
Montoro(Sp0oKeR)<br><br><div class="gmail_quote">On Fri, Oct 24, 2008 at 8:59 PM, \
aba3k <span dir="ltr"><<a \
href="mailto:aba3000@gmail.com">aba3000@gmail.com</a>></span> wrote:<br> \
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex;"><br> It's possible? I'm using snort + ossec, but i \
don't want to block my<br> network, then they in the whitelist. But i want to \
block unauthorized<br> access (caught by snort) to the internet.<br>
</blockquote></div><br><br clear="all"><br>-- \
<br>===========================<br>Rodrigo Montoro (Sp0oKeR)<br>Intrusion Detection \
Analyst<br>SnortCP / RHCE / LPIC-I / MCSO<br><a \
href="http://www.spooker.com.br">http://www.spooker.com.br</a><br> <a \
href="http://www.snort.org.br">http://www.snort.org.br</a><br><a \
href="http://www.linkedin.com/in/spooker">http://www.linkedin.com/in/spooker</a><br>===========================<br>
</div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic