From owner-freebsd-questions  Sat Aug 18 11:33: 8 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from shumai.marcuscom.com (rdu26-228-058.nc.rr.com [66.26.228.58])
	by hub.freebsd.org (Postfix) with ESMTP
	id E0B8537B403; Sat, 18 Aug 2001 11:33:00 -0700 (PDT)
	(envelope-from marcus@marcuscom.com)
Received: from localhost (marcus@localhost)
	by shumai.marcuscom.com (8.11.3/8.11.3) with ESMTP id f7IIWf767879;
	Sat, 18 Aug 2001 14:32:41 -0400 (EDT)
	(envelope-from marcus@marcuscom.com)
X-Authentication-Warning: shumai.marcuscom.com: marcus owned process doing -bs
Date: Sat, 18 Aug 2001 14:32:41 -0400 (EDT)
From: Joe Clarke <marcus@marcuscom.com>
To: John Galt <galt@inconnu.isu.edu>
Cc: Dave <dave@reason.za.org>, <freebsd-security@FreeBSD.ORG>,
	<freebsd-questions@FreeBSD.ORG>,
	<hogwash-users@lists.sourceforge.net>
Subject: Re: IDS
In-Reply-To: <Pine.LNX.4.33.0108172252040.6229-100000@inconnu.isu.edu>
Message-ID: <20010818143216.F67826-100000@shumai.marcuscom.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I would be happy to put a FreeBSD port together if people want it.  I
think this would be a useful application.

Joe Clarke

On Fri, 17 Aug 2001, John Galt wrote:

>
> We DO have a -users list, and we ARE trying to go with the BSD setup, it's
> just our main author is more comfortable with Linux.  However, I believe
> that we should have a FreeBSD test box RSN (4.3R), as we have two people
> working on getting one up: one'll be up within a week.  Pity :( I was
> waiting until FreeBSD 4.4 came out to get the box in question up: looks
> like a cvsup/make world...
>
> On Fri, 17 Aug 2001, Joe Clarke wrote:
>
> >You can certainly get hogwash to compile on FreeBSD.  I just did it.  Let
> >me know if you have questions on the build.
> >
> >Joe Clarke
> >
> >On Fri, 17 Aug 2001, Dave wrote:
> >
> >> Hello,
> >>     I have been using snort for some time now and I stumbled across a
> >> program named Hogwash (http://hogwash.sourceforge.org) which uses the snort
> >> base to detect possible intrusion, but then DROPS the packet if it matches a
> >> ruleset. E.g. Code red can just be dropped instead of blocking port 80.
> >>
> >> This seems like a very good idea to me however hogwash is a linux program.
> >> Can anyone perhaps recommend another program and/or method to do this.
> >>
> >> Thanks in advance,
> >> --Dave.
> >>
> >>
> >>
> >>
> >> To Unsubscribe: send mail to majordomo@FreeBSD.org
> >> with "unsubscribe freebsd-questions" in the body of the message
> >>
> >>
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-questions" in the body of the message
> >
>
> --
> The Internet must be a medium for it is neither Rare nor Well done!
> <a href="mailto:galt@inconnu.isu.edu">John Galt </a>
>
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message