Re: (no subject)
- From: Chuck Swiger <cswiger@xxxxxxx>
- Date: Thu, 16 Feb 2006 19:06:46 -0500
Joe Holden wrote:
[ ... ]
I'm looking at creating an intrusion detection system, similiar to
portsentry, however using bpf/tcpdump to monitor all traffic, without
needing to listen on those ports, it will be run on a border router, and
as such will need to check for incoming packets destined for other
machines too, and blackhole/add ipfw rules as needed. Are there any
tools like this currently available, or a number of tools I can put
together to create something like this?
Check out /usr/ports/net/honeyd and the Honeynet project...
--
-Chuck
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- References:
- (no subject)
- From: Joe Holden
- (no subject)
- Prev by Date: Re: hosts.allow default behaviour: IPv6 on its own lines
- Next by Date: ATH max packet size?
- Previous by thread: (no subject)
- Next by thread: ATH max packet size?
- Index(es):
Relevant Pages
|
