Joe Holden wrote: [ ... ] > I'm looking at creating an intrusion detection system, similiar to > portsentry, however using bpf/tcpdump to monitor all traffic, without > needing to listen on those ports, it will be run on a border router, and > as such will need to check for incoming packets destined for other > machines too, and blackhole/add ipfw rules as needed. Are there any > tools like this currently available, or a number of tools I can put > together to create something like this?
Check out /usr/ports/net/honeyd and the Honeynet project... -- -Chuck _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
