(no subject)
Chuck Swiger
cswiger at mac.com
Thu Feb 16 16:07:00 PST 2006
Joe Holden wrote:
[ ... ]
> I'm looking at creating an intrusion detection system, similiar to
> portsentry, however using bpf/tcpdump to monitor all traffic, without
> needing to listen on those ports, it will be run on a border router, and
> as such will need to check for incoming packets destined for other
> machines too, and blackhole/add ipfw rules as needed. Are there any
> tools like this currently available, or a number of tools I can put
> together to create something like this?
Check out /usr/ports/net/honeyd and the Honeynet project...
--
-Chuck
More information about the freebsd-net
mailing list