[Oisf-users] Suricata and clamav ? and/or Squidclamav ?

Olivier - gnaap at hotmail.fr
Tue Mar 11 11:17:23 UTC 2014


Hi all,
Suricata is a great IDS and I use it as an IPS.
I have some questions (perhaps stupid questions :) ) :

- Suricata runs as an IPS on my gateway
- Squid is installed with squidclamav (no cache only clamav protection)

First question :
- is there any real interest to run both suricata and squidclamav/clamav ?

Squid is in transparent mode so the traffic to destination port 80 goes to port 3128 in nat table.
I'm not sure the traffic goes to suricata then (no http.log when redirect to 3128 is active). It's a bit confused and I'm working on it.


Second question :
- is there a solution to make suricata and clamav work together ?

Thanks a lot !
Have a nice day.



 

 		 	   		  