Has anyone ever setup another box with Snort for IDS w/ mikrotik.
I would like to "Mirror" my PPPoE connection and send it to my Snort box. Can this be done with packet streaming or CALEA ?
-
-
ciphercore
Member Candidate
- Posts: 155
- Joined:
Re: Snort IDS ?
hmmm... I will give that a try tonight.
Re: Snort IDS ?
Hi,
I have developed an IDS/IPS system for RouterOS.
It is here : http://sourceforge.net/projects/mt-fw-attack/
You need a linux machine to compile and run it.
It collects syslog messages from your's routeros device (there are instructions on how to use it) and adds the attackers on an address list which you can use to block them.
I have developed an IDS/IPS system for RouterOS.
It is here : http://sourceforge.net/projects/mt-fw-attack/
You need a linux machine to compile and run it.
It collects syslog messages from your's routeros device (there are instructions on how to use it) and adds the attackers on an address list which you can use to block them.
Re: Snort IDS ?
Hi, I configured correctly (I think) that IDS/IPS but I can't test if its works or not, how could I do it?Hi,
I have developed an IDS/IPS system for RouterOS.
It is here : http://sourceforge.net/projects/mt-fw-attack/
You need a linux machine to compile and run it.
It collects syslog messages from your's routeros device (there are instructions on how to use it) and adds the attackers on an address list which you can use to block them.
Thanks.
Who is online
Users browsing this forum: Demidrol and 208 guests