snortattack

Hi@all,

with this useful information you can use snort in inline mode on your computer directly...

These are the rules for queuing the packets in INPUT and OUTPUT on

a stand alone host to use snort_inline in Host IPS.

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT  -j QUEUE
iptables -A OUTPUT -j QUEUE

snort -Q -D -c /etc/snort/snort.conf

Remember  if snort don't run all traffic is blocked.

Snortattack team.