[Oisf-users] Suricata & Project HoneyPot
Phil Daws
uxbod at splatnix.net
Fri Feb 14 14:11:19 UTC 2014
----- Original Message -----
From: "Victor Julien" <lists at inliniac.net>
To: oisf-users at lists.openinfosecfoundation.org
Sent: Friday, 14 February, 2014 1:58:28 PM
Subject: Re: [Oisf-users] Suricata & Project HoneyPot
On 02/14/2014 02:48 PM, Phil Daws wrote:
> ----- Original Message -----
> From: "Phil Daws" <uxbod at splatnix.net>
> To: oisf-users at lists.openinfosecfoundation.org
> Sent: Tuesday, 11 February, 2014 9:52:57 AM
> Subject: [Oisf-users] Suricata & Project HoneyPot
>
> Hello,
>
> would it be possible to integrate Suricata with
> https://www.projecthoneypot.org/ ? am wondering how one could write a
> rule to look up the incoming IP against the database.
>
> Thank you.
>
> --
>
> Any thoughts on whether this is possible ? Thanks.
Can you be more specific? What kind of integration are you seeking?
--
was wondering whether could hook into them using their API http://www.projecthoneypot.org/httpbl_api.php ... that would bring the line of defence closer to the perimeter instead of at the WAF level when it could be to late. Thanks. Phil
More information about the Oisf-users
mailing list