Date: Thu, 16 Feb 2006 19:06:46 -0500 From: Chuck Swiger <cswiger@mac.com> To: joe@joeholden.co.uk Cc: freebsd-isp@freebsd.org, freebsd-net@freebsd.org Subject: Re: (no subject) Message-ID: <43F51396.5000302@mac.com> In-Reply-To: <43F4EB72.5090702@joeholden.co.uk> References: <43F4EB72.5090702@joeholden.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Joe Holden wrote: [ ... ] > I'm looking at creating an intrusion detection system, similiar to > portsentry, however using bpf/tcpdump to monitor all traffic, without > needing to listen on those ports, it will be run on a border router, and > as such will need to check for incoming packets destined for other > machines too, and blackhole/add ipfw rules as needed. Are there any > tools like this currently available, or a number of tools I can put > together to create something like this? Check out /usr/ports/net/honeyd and the Honeynet project... -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43F51396.5000302>