snort + Guardian
 

I am currently running a slackware box with a snort/base setup and I am thinking about setting up guardian as well. I was wondering if anyone had any notes or setup guides for Guardian, maybe on creating rules and actions that can be performed based on snort logs>?????????

I already know the implications of using an IPS and the possible denial of service to legit hosts and such, what I am trying to do is use it in a wirless setting to run comands to reduce RF signal and block mac's based on logs. As well as the firewall capabilities of guardian.

So any install guides, setup guides or notes involving guardian would be appreaciated!!!!!!!!!!

Ok I went ahead and set it up and it seems to be running, started it up with no errors i didnt correct after 1 min of thinking about it.... But now does anyone know of any other uses for guardian or plugins to do other things other then block ports for specified time periods or am I going ot have to change the guardian.pl file??