-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Volker Tanger said:
> ...which is the official license to shoot yourself into the foot. What > happens if I send you a forged, suspicious packet with source-IP equal > to the IP address of your gateway router, your DNS server, your internal > system(s), ... > I think that if you implement some good whitelists, the problem does not exist. There's a plugin (or something like this) in snort that works in a similar way. I don't know if someone is interested, but i started a new project of a mdids on Sourceforge. I post the project proposal to Sourceforge: Project Descriptive Name: Astu mdids Project UNIX Name: astu Project Description: Multiplatform distributed intrusion detection system Registration Description: The project should be a distributed intrusion detection system. It should be composed by a central server which communicates securely with satellites on the perimeter of the lan. The central server shuold admin all the sensors (changing dinamically firewall rules) and receive all the alerts, and manage them by filtering and sending them by mail, sms, or print. The server itself is managed by a web interface. The perimetral sensors should be firstly based on snort engine, but the goal of the project is to provide a fully centralized system which can operate with various oss and technologies (firewalls, etc.). It shuold be interesting to develop Windows sensors, which few idss implement, but important in a real mutiplatform lan. License: GNU General Public License (GPL) The project has been approved, and i have found lots of people interested in it. We're going start it in the next few weeks... If you're interested please reply me. I'm a debian user, so it would be nice to develop it for deb. Bye PS: please forgive me if I am too OT - -- Lucius in fabula - --www.lucius.it-- Open PGPKey: www.lucius.it/lucius.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iQEVAwUBPwGdvRPJoalLltY2AQL21Qf/Ux0UNyt/VC/kAO8UFSWQYGPffHTUVBu2 aKsc1CIl3Cp/UStwyreCe5mJor5+xp66Ap1pih3EXxJssfC/jXOszw9GCmuf3L+3 EuQOFwtpXK1OSwHNYyJSSb2+3+HvtTZRjvEpRXtRnGEVvNnVRI07pbFme/8Bt7z7 v8CBXtZngQJY62DCKpsLX/65FUuiQBpV1q5yauj2hBWWO7TMMD/mn3XTsUgpsRLM g35WrADSnsSim47pz8qIeGpJWJOmJAMGhT1kNJhabV+vJuN51Z3CnO2p+P4WKkEG /20pyhBN7X9oDprV1aPKwRuWQKrcLrHl1+rTjTorHDFYLiQZM996wQ== =j0YF -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
