I'd suggest you look at Snort. >From the sound of it, you want to firewall, but you also want some Intrusion Detection. That would be Snort.
I've never worried about L7, so I can't really answer you on that. Google suggested to me that there is a strings patch out which is fairly new, but MIGHT provide this for you. I didn't follow the thread though, to be honest. Kev. ----- Original Message ----- From: "Richard Jenniss" <[EMAIL PROTECTED]> To: "CLUG" <[EMAIL PROTECTED]> Sent: Tuesday, October 01, 2002 12:38 AM Subject: (clug-talk) Fw: Firewall, and monitoring > What do people use for firewalls on Linux. > > I know of IPTables. Anything else to provide protection up to layer 7 ? > > Any utilities for active monitoring and logging, for example, port scans? > > Any way to dynamicly configure iptables in such an event if 6 or so different ports are scanned within a certain time, all ports are shut off to that IP ? > >
