[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Active Snort Log Analyser

Hello all,
I use snort to detect attacks on some FireWalls, it works well but I still need 
a tool to tell me when the FireWall is beeing portscanned or under attack. 
Secundary, I need a tool to deny the IP or even better, stop the scan/attack but 
let the ip execute normal things (such as accessing the web server). Let me 
explain, I can be scanned by a masqueraded machine behind a university FireWall, 
I don't want to stop all this network from accessing the services I'm defending.
Well, I went to snort HomePage and didn't find what I need. The proposed tools 
to alert you seems more programmation language than config files... In that 
case, I'd better write my own tool -what a time consumming task-.


Reply to: