Donatas (donatas) writes:
> I wonder if there's any person who did some scripting like
> application layer analysis with network sniffer (like tcpdump) + apropriate
> firewall rule generation(like statefull ipfw rules) ?
You mean this ?
http://www.hsc.fr/ressources/outils/nstreams/
Nstreams is a program which analyzes the streams that occur on a
network. It displays which streams are generated by the users between
several networks, and between the networks and the outside. It can
optionally generate the ipchains or ipfw rules that will match these
streams, thus only allowing what is required for the users, and nothing
more.
Nstreams can parse the tcpdump output, or the files generated
with the -w option of tcpdump. It can also directly sniff
the data that occurs on the network.
This product was designed by HSC and coded by Renaud Deraison
([EMAIL PROTECTED]), author of the Nessus software.
It is available for free under GNU license.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
