From: Joe Holden <joe@joeholden.co.uk>
Date: Thu, 16 Feb 2006 21:15:30 +0000
To: freebsd-isp@freebsd.org, freebsd-net@freebsd.org
Subject: (no subject)
Message-ID: <43F4EB72.5090702@joeholden.co.uk>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>

Hello list!

Sorry for posting this to both, however I wasn't sure which it applied to.

I'm looking at creating an intrusion detection system, similar to portsentry, however using bpf/tcpdump to monitor all traffic, without needing to listen on those ports, it will be run on a border router, and as such will need to check for incoming packets destined for other machines too, and blackhole/add ipfw rules as needed. Are there any tools like this currently available, or a number of tools I can put together to create something like this?

-- 
With thanks,
Joe Holden
Freelance Network Engineer / Consultant
FreeBSD Port Maintainer
http://www.joeholden.co.uk
Pub Key: http://www.joeholden.co.uk/pubkey.asc
Contact: Finger me!