From owner-freebsd-security@FreeBSD.ORG Wed Feb 25 02:22:17 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2E77416A4CF for ; Wed, 25 Feb 2004 02:22:17 -0800 (PST) Received: from orhi.sarenet.es (orhi.sarenet.es [192.148.167.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id BF66E43D1F for ; Wed, 25 Feb 2004 02:22:16 -0800 (PST) (envelope-from borjamar@sarenet.es) Received: from [172.16.1.9] (izaro.sarenet.es [192.148.167.11]) by orhi.sarenet.es (Postfix) with ESMTP id 283707A354C for ; Wed, 25 Feb 2004 11:22:15 +0100 (MET) Mime-Version: 1.0 (Apple Message framework v612) In-Reply-To: <20040224170735.305df436.c.prevotaux@hexanet.fr> References: <20040224170735.305df436.c.prevotaux@hexanet.fr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Message-Id: <7BB83E65-677C-11D8-ABA5-000393C94468@sarenet.es> Content-Transfer-Encoding: quoted-printable From: Borja Marcos Date: Wed, 25 Feb 2004 11:22:15 +0100 To: freebsd-security@freebsd.org X-Mailer: Apple Mail (2.612) Subject: Re: improve ipfw rules X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Feb 2004 10:22:17 -0000 > It is my hope that someday someone will step in and implement a = similar > system under FreeBSD. But i think it requires quite a lot of work and=20= > possibly > major rebuilding of ipfw if it needs to be integrated (which would be=20= > great) =BFPerhaps Snort with Flexresp? It should be able to close a = connection=20 upon detection of a signature. Borja.