El miÃ, 25 de 08 de 2004 a las 18:52, Cedric Blancher escribiÃ: > Le mer 25/08/2004 Ã 18:47, stu a Ãcrit : > > Does anyone know of any Intrusion Presion Systems for iptables / linux. > > Deep packet inspection. > > I need to interigate traffic for specific's, such as worms, viruses, etc. > > See Snort Inline at http://snort-inline.sourceforge.net/. > > All packets are sent to Snort for ruleset based analysis filtering. And it works better if you only send to snort-inline the packets you are going to accept, using the QUEUE target with iptables. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
