I definitely like the BSD idea. I would be interested in assisting a BSD something or other.
I have also worked with snort on FreeBSD. I would also be willing to share my experiences with snort. But there really isn't much to it. You install it, customize the rules, and then just follow up on the alerts to prevent security breaches or improve your network. In fact, I'm in the process of recovering from a network issue that was exposed through snort. I had some strange alerts, which indicated a network breach. I found that my FreeBSD system (with snort, acid, and apache) was frantically sending tcp packets with the Reset flag set. A tcpdump yielded a source address of 127.0.0.1:80. This was rather shocking since my rules firewall rules (which were also running on this system) specifically blocked any traffic on 127.0.0.0/8 for anti-spoofing reasons. After some digging, I found that every-so-often apache would core dump, but its worker processes would remain running. Super weird. Needless to say, I uninstalled apache immediately. Upon trying to the latest version of apache, I picked up a few strange dependency errors. So at this point, I'm proceeding with caution. Well, sorry for the digression and back to the topic at hand. I would be willing to do a co-presentation of something in the FreeBSD realm if the dates would work out. I know that I'm unavailable the first two weekends in July. How do we feel about a gathering on the third Saturday of July? (July 17, 2004)? Matthew Lee Cottonwood, MN -----Original Message----- From: Ryan Patterson [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 29, 2004 2:50 PM To: [EMAIL PROTECTED] Subject: Re: [sclug-generallist] Next Meeting: When, Where, What, Who = "everyone" I'd definitely be interested to see what everyone else is using Postfix for. I use it at my place of work (in a load balanced HA configuration) as Internet relays and I can safely say, I like it. Might be nice to see a little something about a BSD. I'd be willing to help put something like that together but right now I don't have the time to do it all myself. Anyone that would like to collaborate, let me know, I'm more than willing to help. -Ryan
