Date:      Thu, 16 Feb 2006 19:06:46 -0500
From:      Chuck Swiger <cswiger@mac.com>
To:        joe@joeholden.co.uk
Cc:        freebsd-isp@freebsd.org, freebsd-net@freebsd.org
Subject:   Re: (no subject)
Message-ID:  <43F51396.5000302@mac.com>
In-Reply-To: <43F4EB72.5090702@joeholden.co.uk>
References:  <43F4EB72.5090702@joeholden.co.uk>

Joe Holden wrote:
[ ... ]
> I'm looking at creating an intrusion detection system, similar to
> portsentry, however using bpf/tcpdump to monitor all traffic, without
> needing to listen on those ports, it will be run on a border router, and
> as such will need to check for incoming packets destined for other
> machines too, and blackhole/add ipfw rules as needed.  Are there any
> tools like this currently available, or a number of tools I can put
> together to create something like this?

Check out /usr/ports/net/honeyd and the Honeynet project...

-- 
-Chuck
