Originally posted by unSpawn
Yeah, Snort can send RST's to both parties or use 3rd party apps to help blocking by firewall.
Can you possible provide a link to docs on implementing snort sending rst's? I found this but was unable to grasp exactly what it is saying
One other question; since snort just watches the traffic, not route it, wouldn't it be possible for a host to be infected/compromised before snort could process the rule and send back a rst packet?