3. Question on Snort IP REP

Question on Snort IP REP

  • V

    Looking at the IP Rep option I see where you can add list…
    Question: It seems the list are stored locally and not pulled from a site (like PFBlocker)
    Is this the norm or will added feature be coming latter to pull list from web and do scheduled updates like PFBlocker?
    If I understand correctly, IP Rep “could” replace PBBlocker at some point? (or am I wrong?)
    Thanks for your help and hard work on Snort (and Suricta)

    vito

    0

  • @vito:

    Looking at the IP Rep option I see where you can add list…
    Question: It seems the list are stored locally and not pulled from a site (like PFBlocker)
    Is this the norm or will added feature be coming latter to pull list from web and do scheduled updates like PFBlocker?
    If I understand correctly, IP Rep “could” replace PBBlocker at some point? (or am I wrong?)
    Thanks for your help and hard work on Snort (and Suricta)

    vito

    You are correct that, at the moment, the lists are static and stored locally.  I think some users have created their own cron jobs and associated scripts to download updates and write them to the directory.

    For now, if a list is updated, Snort needs to be restarted in order to pick it up.  I am investigating some other options for the future.

    Bill

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy