search for: fwsnort

Hi, I like shorewall and I''ve been using it for a long time. I now have a requirement to block worms / trojans in a public free wifi network I''m running. fwsnort ( http://www.cipherdyne.org/fwsnort/) translates Snort rules to iptables rules and it seems to fit my requirements. What is the best way to integrate shorewall and fwsnort? I tried googling for information about this subject but I couldn''t find any. Can anyone share experiences of integr...

Hello Leon. In addition to everything else mentioned in this thread, I'd recommend you a great book on the topic. "Attack Detection and Response with iptables, psad, and fwsnort by Michael Rash" It contains a really nice and detailed guide on iptables and most common attacks, nmap, psad and snort. Regarding your config, I'd like to point several things: 1. You're not dropping packets in status 'INVALID' on top of your script, which is strange regardi...

.... Kind Regards Leon On Wed, Jun 29, 2016 at 5:41 PM, l at avc.su <l at avc.su> wrote: > Hello Leon. > > In addition to everything else mentioned in this thread, I'd recommend you > a great book on the topic. > "Attack Detection and Response with iptables, psad, and fwsnort by Michael > Rash" > It contains a really nice and detailed guide on iptables and most common > attacks, nmap, psad and snort. > > Regarding your config, I'd like to point several things: > 1. You're not dropping packets in status 'INVALID' on top of your scri...

Dear Members I hope you are all doing well. I am busy teaching myself iptables and was wondering if I may get some advise. The scenario is the following: 1. Default policy is to block all traffic 2. Allow web traffic and SSH 3. Allow other applications I have come up with the following: #!/bin/bash # RESET CURRENT RULE BASE iptables -F service iptables save # DEFAULT FIREWALL