Hi
Any plans for HoneyD in pfsense?
Chris
Feel free to write a package for it.
-Original Message-
From: christiaan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 5:27 AM
To: discussion@pfsense.com
Subject: [pfSense-discussion] HoneyD
Hi
Any plans for HoneyD in pfsense?
Chris
Gary Buckmaster wrote:
Feel free to write a package for it.
-Original Message-
From: christiaan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 5:27 AM
To: discussion@pfsense.com
Subject: [pfSense-discussion] HoneyD
Hi
Any plans for HoneyD in pfsense?
Chris
I
FreeBSD ports don't include pfSense gui code. A pfSense package will
need to be written and at this time it will need to be written by
someone other than the core dev team. We're not adding any further
functionality until after the first release.
--Bill
On 9/21/05, christiaan [EMAIL PROTECTED]
Would it be feasible to add payload inspection to pfSense after its first
release?
(FYI: I don't know how to code, but I am trying to teach myself)
I do not know of any layer 7 stuff for the BSD's besides the usual snort, etc.
Scott
On 9/21/05, A Rossi [EMAIL PROTECTED] wrote:
Would it be feasible to add payload inspection to pfSense after its first
release?
(FYI: I don't know how to code, but I am trying to teach myself)
Everyone break out the pitch-forks and fire! There's gonna be a
lynching for cross-posters!
Scott
On 9/21/05, Greg Hennessy [EMAIL PROTECTED] wrote:
Nice thread here:
http://thread.gmane.org/gmane.os.freebsd.devel.pf4freebsd/952
The OP in that thread wasn't the sharpest knife in the
On 9/21/05, Chris Buechler [EMAIL PROTECTED] wrote:
[...]In the open source world, iptables has the ability to basically run aregexp on payloads, but it's a stupid thing to do and isn't secure.Nice thread here:
http://thread.gmane.org/gmane.os.freebsd.devel.pf4freebsd/952
...mmh, I think he was
As has
been mentioned previously on this thread, this kind of "inspection" is simply a
series of regex comparisons compared on the payload data. This can be a
real performance hog atbest and extremely insecure at worst. Aside
from a marketing bullet point, this isn't a terribly practical or
I was thinking of payload inspection as a way to check to see if the payload
contains requested data (like HTML, or mp3 or whatever the user is
downloading) to make sure that it doesn't contain infected data (with a worm
or such) that is piggybacking on legitimate data.
- Original Message
10 matches
Mail list logo