[Oisf-users] Suricata & Project HoneyPot

Phil Daws uxbod at splatnix.net
Fri Feb 14 14:11:19 UTC 2014


----- Original Message -----
From: "Victor Julien" <lists at inliniac.net>
To: oisf-users at lists.openinfosecfoundation.org
Sent: Friday, 14 February, 2014 1:58:28 PM
Subject: Re: [Oisf-users] Suricata & Project HoneyPot

On 02/14/2014 02:48 PM, Phil Daws wrote:
> ----- Original Message -----
> From: "Phil Daws" <uxbod at splatnix.net>
> To: oisf-users at lists.openinfosecfoundation.org
> Sent: Tuesday, 11 February, 2014 9:52:57 AM
> Subject: [Oisf-users] Suricata & Project HoneyPot
> 
> Hello,
> 
> would it be possible to integrate Suricata with
> https://www.projecthoneypot.org/ ? am wondering how one could write a
> rule to look up the incoming IP against the database.
> 
> Thank you.
> 
> -- 
> 
> Any thoughts on whether this is possible ? Thanks.

Can you be more specific? What kind of integration are you seeking?

-- 

was wondering whether could hook into them using their API http://www.projecthoneypot.org/httpbl_api.php ... that would bring the line of defence closer to the perimeter instead of at the WAF level when it could be to late.  Thanks. Phil



More information about the Oisf-users mailing list