Results 1 to 10 of 19

Thread: Snort IDS Question

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Hybrid Mode
- Switch to Threaded Mode

Hybrid View

July 21st, 2006, 02:38 AM #1
henry95

View Profile

View Forum Posts

Visit Homepage
Member

Join Date

Dec 2004

Posts

45
Snort IDS Question

I hope I word this correctly.

I am running IPcop firewall and I always see a lot of garbage traffic coming from over seas. I see a lot of misc MS-SQL attacks from the same range of IPs. I got tired of seeing them and decided to drop packets from entire continets.

I did "iptables -A INPUT -s 213.0.0.0/8 -j DROP" for a bunch of other ip ranges.

I thought that by droping the packets the IDS would ignore all the attack attempts but it still shows up on the IDS logs.
Is that normal?
Reply With Quote

Quick Navigation IDS & Scanner Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: Snort IDS Question

Thread Tools

Display

Hybrid View

Snort IDS Question

Posting Permissions