[Rtir] configure routers

Wes Young wes at ren-isac.net
Sat Feb 4 09:12:00 EST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

buddy of mine wrote this:

https://sites.google.com/site/securitycuisine/recipes/recipe-index/ipblocker-lab/ip-blocker-home

they use it for that kinda thing, for RT you'd need to write yourself an action script from the Blocks queue (should be easy to do, even though it's in python). Even if it doesn't fit your environment, the process and ideas should help you figure out how to write it yourself.

<shameless plug>
http://code.google.com/p/collective-intelligence-framework/
</shameless plug>

might help you to, very easy to integrate with RT(+IR), in similar ways (generating feeds for blocks, etc).

hth,

On Feb 4, 2012, at 8:28 AM, Zahra Shamsi Sarbandi wrote:

> I want to know any command for remedy an attack in the network that is
> generated by a response team, how could be convert to commands that be
> compatible with any router and switch in the network.
> I will appreciate if you could introduce me any article or website
> that help me to convert commands to compatible commands with any
> router and switch.

- --
Wes
claimid.com/wesyoung
soc at ren-isac.net

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iEYEARECAAYFAk8tPLQACgkQKezpZd226UarBgCcCsvSIQviBZrZt4XMkcCq9EYo
LDMAoIUjYZ/KfEzr8B1O2dxBdFzz9KXg
=VmJs
-----END PGP SIGNATURE-----


More information about the Rtir mailing list