Date: Thu, 27 Sep 2001 00:09:58 +0200 From: "Karl M. Joch" <k.joch@kmjeuro.com> To: "Laurent Fabre" <fabre@matranet.com>, "Will Andrews" <will@physics.purdue.edu> Cc: "FreeBSD Security" <security@freebsd.org> Subject: Re: LaBrea for BSD? Message-ID: <006e01c146d7$fff4f0c0$0a05a8c0@ooe.kmjeuro.com> References: <20010924162750.24311@shalmaneser.thelbane.com> <4.3.2.7.2.20010925105333.04794430@localhost> <200109261355.PAA27232@malraux.matranet.com> <200109261414.QAA28606@malraux.matranet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Laurent Fabre" <fabre@matranet.com> To: "Will Andrews" <will@physics.purdue.edu> Cc: "FreeBSD Security" <security@FreeBSD.ORG> Sent: Wednesday, September 26, 2001 4:18 PM Subject: Re: LaBrea for BSD? > Will Andrews wrote: > > On Tue, Sep 25, 2001 at 10:54:37AM -0600, Brett Glass (brett@lariat.org) wrote: > > > >>It would be MUCH better to rewrite it rather than port it. The authors > >>have stamped the GPL on it. The last thing we need (IMHO) is to > >>spread one virus while attempting to catch another! > >> > > > > It would be MUCH better to stop using Windows than to spout > > nonsense like this. > > > > > > This discussion is off-topic. > > I'm writing a new version of it because i think this little > piece of code is a good idea but it also lacks features. > I want to be able to emulate stacks behaviors on a OS basis > and try to speed up a bit the capturing process. > If u got other things in mind let's discuss them. > if i would be able to rewrite this i would add one feature for systems only having 1 IP from their provider. eg. i have lots of systems at customers on a adsl or leased line base having 1 ip and running only ipfw/nat + maybe a mail server or ssh. it would be great to have a file like the ExcludeFiles in LaBrea to define ports which are to take care of. so if one tries to access eg. 23,21,3128.... it should start working. this would give people with only 1 ip the possibility to run it too. but that are just my 2 cents. Karl > > > -- > #--------------------------------------------# > # Laurent Fabre # > # fabre@matranet.com # /\ ASCII ribbon > # EADS, Matranet Product Group # \/ campaign > # # /\ against > # "foreach if-diff, # / \ HTML email > # you need to re-make world...." # > #--------------------------------------------# > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?006e01c146d7$fff4f0c0$0a05a8c0>