3. Snort - reverse DNS on blocked IPs?

Snort - reverse DNS on blocked IPs?

  • M

    Is it possible to add reverse DNS to snort so that block IPs are looked up?  Similar to how Sarg works for web reporting?  I constantly find myself trying to access sites (i.e. iTunes stores) only to find I'm blocked and cannot quickly identify which IP address listed is the one that I need to Whitelist.  Instead I end up clearing all block IPs which resolves the issue until the same site is blocked minutes or hours later.

    If anyone can share their best practices, it would be much appreciated.  Thanks.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy