Snort may also be of interest here.
>
> You can do it using open-source software as "Bro" (http://bro-ids.org),
> it's an open-source, Unix-based Network Intrusion Detection
> System (NIDS) that passively monitors network traffic and looks for
> suspicious activity.
> "Bro" has the "DPD" (d
Thanks a lot jean-philippe !
Will give it a try immediately.
Regards
Srikant Tangirala.
On Fri, 9 May 2008 10:40:18 +0530
"Srikant Tangirala" <[EMAIL PROTECTED]> wrote:
> Hello All
>
> there some way to ensure that traffic to port 53
> is in fact not from a program like iodine and what
> goes to port 80 is only HTTP/HTTPS, and so on
> for all the common protocols? With my little bit
On 08-05-09 08.25, Reyk Floeter wrote:
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
for all the common protocols? With my little bit
of knowledge what I figure is that we need some
piece of software(s) which understands each protocol
thoroughly, can look at raw packets in r
On Fri, May 09, 2008 at 12:23:47PM +0530, Srikant Tangirala wrote:
> Thanks for such a prompt reply.
>
> I will not use Linux even if you pay me. It has been OpenBSD
> for me for past three years and it will remain so as long as
> OpenBSD remains what it stands for.
>
heh, i like your answer ;)
Thanks for such a prompt reply.
I will not use Linux even if you pay me. It has been OpenBSD
for me for past three years and it will remain so as long as
OpenBSD remains what it stands for.
That aside, see, I have used this tool called ourmon successfully
on OpenBSD to detect P2P traffic and bloc
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
> for all the common protocols? With my little bit
> of knowledge what I figure is that we need some
> piece of software(s) which understands each protocol
> thoroughly, can look at raw packets in real-time
> and detect the protocol
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
> let pf know what to filter and what not? So, is
> there some way to ensure that traffic to port 53
> is in fact not from a program like iodine and what
> goes to port 80 is only HTTP/HTTPS, and so on
> for all the common protocol
Hello All
Since many of standard services can be made to
listen on any port on the server side, and proxies
with custom configuration can be used in cases
otherwise, how effective is a firewall if it blocks
based on standard service ports? Is there a way
in which the application protocols being us
9 matches
Mail list logo
