Date: Sat, 18 Aug 2001 03:56:35 +0800 From: "Rino Mardo" <rmardo@yahoo.com> To: "Dave" <dave@reason.za.org> Cc: <freebsd-questions@freebsd.org> Subject: Re: IDS Message-ID: <010e01c12758$1e22ffa0$57a145ca@rino> References: <001f01c1274e$cdc8b620$3400a8c0@mandy>
next in thread | previous in thread | raw e-mail | index | archive | help
check whitehat.com as they have some nifty tools there to help you analyse/act on snort's output. it is made for Unix. :-) Rino ----- Original Message ----- From: Dave <dave@reason.za.org> To: <freebsd-security@FreeBSD.org>; <freebsd-questions@FreeBSD.org> Sent: Saturday, August 18, 2001 2:59 AM Subject: IDS > Hello, > I have been using snort for some time now and I stumbled across a > program named Hogwash (http://hogwash.sourceforge.org) which uses the snort > base to detect possible intrusion, but then DROPS the packet if it matches a > ruleset. E.g. Code red can just be dropped instead of blocking port 80. > > This seems like a very good idea to me however hogwash is a linux program. > Can anyone perhaps recommend another program and/or method to do this. > > Thanks in advance, > --Dave. _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?010e01c12758$1e22ffa0$57a145ca>