"Wesley M." writes:
> Perhaps, this can be helpful ;-)
> http://www.procyonlabs.com/guides/openbsd/snort/
It's possible it's quite valid for the Snort parts, but unfortunately
this HOWTO shows several of the features typical of docs maintained by
people who are not, in fact, terribly familiar wi
y, Dain
> Cc: misc@openbsd.org
> Subject: Re: PF Snort tutorial
>
> 2012/1/3 Bentley, Dain mailto:dbent...@nas.edu>>
> I've been looking around for a good tutorial on implementing snort with
PF
> and
> everything I see is old, does anyone know of or have implemented
e OSSEC docs right now and it seems pretty
> promising.
> Having trouble finding anything about having it read from pflog.
>
> From: Andres Genovez [andresgeno...@gmail.com]
> Sent: Tuesday, January 03, 2012 3:04 PM
> To: Bentley, Dain
>
eading through some OSSEC docs right now and it seems pretty
promising.
Having trouble finding anything about having it read from pflog.
From: Andres Genovez [andresgeno...@gmail.com]
Sent: Tuesday, January 03, 2012 3:04 PM
To: Bentley, Dain
Cc: misc@op
2012 3:04 PM
To: Bentley, Dain
Cc: misc@openbsd.org
Subject: Re: PF Snort tutorial
2012/1/3 Bentley, Dain mailto:dbent...@nas.edu>>
I've been looking around for a good tutorial on implementing snort with PF
and
everything I see is old, does anyone know of or have implemented a solution
2012/1/3 Bentley, Dain
> I've been looking around for a good tutorial on implementing snort with PF
> and
> everything I see is old, does anyone know of or have implemented a solution
> using an IDS/IPS with PF on the same box? If possible I'd like snort or
> some
> other IDS inspect packets and
On Tue, 3 Jan 2012 10:57:16 -0500,
"Bentley, Dain" wrote:
> I've been looking around for a good tutorial on implementing snort
> with PF and everything I see is old, does anyone know of or have
> implemented a solution using an IDS/IPS with
I've been looking around for a good tutorial on implementing snort with PF and
everything I see is old, does anyone know of or have implemented a solution
using an IDS/IPS with PF on the same box? If possible I'd like snort or some
other IDS inspect packets and have pf drop them based on the fact