Re: OT - rule based system for a fire wall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



El vie, 15 de 10 de 2004 a las 18:16, Ishwar Rattan escribiÃ:
> It is a little off-topic but some one here may
> know something about.
> 
> I have seen an idea being floated:
> 
> - A firewall uses a set of rules to filter packets (a fact)
> 
> - Proposal: possibility of desigaingn a rule based system
>   (call it rule-system) that will insert correct rules in the
>   firewall (sounds ambiguous)
> 

Maybe what your are looking for it's something like guardian
that uses snort to insert the proper rules into iptables when
it detects an attack.

> - Is there such a thing out there? if the propser won't
>   part with any more details, what kind of gusses can be
>   made?
> 
>   1. Rule-system can interact with a user and then insert
>      rules in the firewall -- I think this has already been
>      accomplished??
> 
>   2. Rule-system could look at logged information (firewall
>      logs) and come up with better/new rules?
> 
>   3. Is there any other facet/issue that I am missing here..
> 
> It still bugs me to think of a rule-system that will insert
> rules into another rule based system :-|
> 
> Any feedback will be appreciated.
> 
> -ishwar

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@xxxxxxxxx
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÃA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux