Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 6 Oct 2005 14:04:34 -0400
From:      Bob Johnson <fbsdlists@gmail.com>
To:        jmulkerin <jmulkerin@comcast.net>
Cc:        bobo1009@mailtest2.eng.ufl.edu, freebsd-questions@freebsd.org
Subject:   Re: IPFW logging and dynamic rules
Message-ID:  <54db43990510061104j11261ac4yb99ca7c742e0e4f2@mail.gmail.com>
In-Reply-To: <4343D5CE.4040908@comcast.net>
References:  <54db439905092908455157e6a3@mail.gmail.com> <20051005085848.GA807@Alex.lan> <4343D5CE.4040908@comcast.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 10/5/05, jmulkerin <jmulkerin@comcast.net> wrote:
> How about using snort and guardian.    Guardian.pl will add a ipfw rule
> each time it sees an alert from Snort.  You'll need to adjust the snort
> rules for what you want to alert on but its a pretty safe and
> lightweight asset. (just my novice 2 cents...)
>

Thanks, I'll look at Guardian.  I had not planned to get that
sophisticated about it, but even if I don't use it on this system, I
have others where it may be just what I need.

- Bob



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54db43990510061104j11261ac4yb99ca7c742e0e4f2>