Joe Holden wrote:
[ ... ]
> I'm looking at creating an intrusion detection system, similiar to
> portsentry, however using bpf/tcpdump to monitor all traffic, without
> needing to listen on those ports, it will be run on a border router, and
> as such will need to check for incoming packets destined for other
> machines too, and blackhole/add ipfw rules as needed.  Are there any
> tools like this currently available, or a number of tools I can put
> together to create something like this?

Check out /usr/ports/net/honeyd and the Honeynet project...

-- 
-Chuck
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to