-
July 21st, 2006, 02:38 AM
#1
Member
Snort IDS Question
I hope I word this correctly.
I am running IPcop firewall and I always see a lot of garbage traffic coming from over seas. I see a lot of misc MS-SQL attacks from the same range of IPs. I got tired of seeing them and decided to drop packets from entire continets.
I did "iptables -A INPUT -s 213.0.0.0/8 -j DROP" for a bunch of other ip ranges.
I thought that by droping the packets the IDS would ignore all the attack attempts but it still shows up on the IDS logs.
Is that normal?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|