• Support
  • Forums
  • Blogs

Snort as IPS

pfochipfochi

Entry Level
Are there any confirmed working configurations out there for running snort in inline mode on ossim v4.1?  How did you configure snort to start as a daemon?  Did you work around the ossim configs?

Share post:

Comments

  • The lack of comments/replies on questions like this always gives me concern about the vitality of the AlienVault community.  
    Is there anyone out there that has placed in inline sensor using snort or suricata?  Even high-level details of somebody having done this successfully would be helpful.

  • Hi Okie,

    https://www.alienvault.com/forums/discussion/1907/ was the best thread I found out.  I'm about to try and do the same myself, rather than a snort vm syslogging to OSSIM.  If you've had any luck since you're post wouldnt mind some pointers :).

    Thanks.
  • Hi Okie,

    https://www.alienvault.com/forums/discussion/1907/ was the best thread I found out.  I'm about to try and do the same myself, rather than a snort vm syslogging to OSSIM.  If you've had any luck since you're post wouldnt mind some pointers :).

    Thanks.
Sign In or Register to comment.