Date: Thu, 27 Sep 2001 23:25:34 -0400 From: Mike Tancsa <mike@sentex.net> To: security@freebsd.org Subject: inspecting data with ipfw (ala hogwash) Message-ID: <5.1.0.14.0.20010927231534.036396f0@192.168.0.12>
next in thread | raw e-mail | index | archive | help
Does anyone know of any patches similar in function to what hogwash does ? (http://hogwash.sourceforge.net). Basically something to deny packets based on the content of the packets. With the latest iptables on LINUX, you can now do matching on data portion as well. Something like ipfw add 666 deny log tcp from any to me 80 data "*scripts/cmd.exe*" ? would be what I am after ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010927231534.036396f0>