Hi,
I've just currently setup guardian and snort together , so it looks like this :
[attacker's host]--> [snort+guardian]--> [target's host]
Guardian works fine if I used it to proect 1 ip address (on snort+guardian's host). Is it possible to use guardian to protect the target's host ?
When I tried to attack target's host from attacker's host , this is what i got on /var/log/guardian.log :
Quote:
Odd.. source= 192.168.1.4,dest = 192.168.1.7 - No Action Done
|
FYI : I'm using these scripts to block/unblock :
http://www.chaotic.org/guardian/scri...ables_block.sh
http://www.chaotic.org/guardian/scri...les_unblock.sh
Thankx