check out Hogwash at http://hogwash.sourceforge.net/ never tried it, but it is a nice idea.
* - * - * Tzahi Fadida [EMAIL PROTECTED] Technion Email: [EMAIL PROTECTED] * - * - * - * - * - * - * - * - * - * WARNING TO SPAMMERS: see at http://members.lycos.co.uk/my2nis/spamwarning.html > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mycroft > Sent: Tuesday, July 01, 2003 1:14 AM > To: [EMAIL PROTECTED] > Subject: Snort - iptables addon > > > Hello, > Have anyone heard of/used an snort add-on that could manage iptables firewall > in responce to a specific network events...like portscans or DOS attacks? > I know once it's detected, snort is capable of blocking it, but i was looking > for more low-level approach to this issue, stopping the packets cold on IP > level. I know i can use psad for such things, but again, i am looking for an > add-on, not a second IDS...which i would have to cripple in order to let them > live together. Googling for an answer doesn't help much. > -- > Sincerely Yours, > Vasiliev Michael > > NP: XMMS is not loaded. > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > > > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
